SpyCloud researchers point to government surveillance as evidence of insiders moonlighting in the data broker market Communications and documents leaked from i-Sun earlier this yearA cyber espionage contractor of the Ministry of Public Security and the Ministry of State Security. In a leaked chat conversation, one company employee suggests to another that “I'm just here to sell QBs,” and “sell some QBs yourself.” SpyCloud researchers interpret “qibi” as “qingbao” or “intellect”.
Given that the average annual salary in China, even at a state-owned IT company, is only around $30,000Spycloud researchers argue that the promise of making about a third a day in exchange for selling access to surveillance data – no matter how reliable or dubious – represents a strong inducement. “They're not necessarily masterminds,” Johnson says. “They're people who have an opportunity and a motive to make a little money.”
China amid concerns that some government insiders are actually taking advantage of their access to surveillance data Continuous fight against corruptionsays Dakota Carey, a China-focused policy and cybersecurity researcher at cybersecurity firm SentinelOne, who reviewed SpyCloud's findings. For example, Transparency International, China ranks 76th out of 180 countries in the world in its corruption index.Well below every EU country apart from Hungary – with which it is linked – including Bulgaria and Romania. “Corruption is rampant in the security services, the military and all parts of the government,” Kerry says. “In the current political climate it is a top-down cultural approach. It's not at all surprising that individuals with access to this kind of data are effectively renting out their access as part of their job.
In their research, SpyCloud analysts began attempting to use Telegram-based data brokers to find personal information about some high-ranking officials of the Chinese Communist Party and the People's Liberation Army, individual Chinese state-sponsored hackers. Wu Haibo, CEO of cybersecurity company i-Sun, has been identified in US indictments. The results of those queries included a grab bag of phone numbers, email addresses, bank card numbers, car registration records and “hashed” passwords – passwords likely obtained through a data breach that are protected by a form of encryption but Sometimes susceptible to cracking. -For those government officials and contractors.
In some cases, data brokers claim to restrict searches to at least exclude celebrities or government officials. But researchers say they were generally able to find a solution. “You can always find another service that is willing to do a search and get some documents on them,” says SpyCloud researcher Kyla Cardona.
The result, as Cardona describes it, is an even more unexpected consequence of a system that collects such vast and centralized data on every citizen of the country: Not only does surveillance data leak into private hands, but it also exposes those people. There is leakage in the hands also which the spectators are seeing.
“It's a double-edged sword. This data is collected for and by them. But it can also be used against them,” says Cardona.