In a first, Chinese company publishes purported evidence of CIA hacks

March 4, 2020, 11:58 PM UTC

A Chinese cybersecurity company has published what it said is evidence the CIA has been hacking Chinese targets for over a decade.

The report by Qihoo 360, one of China’s premiere cybersecurity firms, said that some of the tools used to hack Chinese government, science, and industry targets since 2008 are the same ones that WikiLeaks revealed in 2017 as being developed by the CIA. That detail, according to Qihoo, along with the fact that a former CIA officer is on trial in New York City for the leak, ties the CIA to the hacks in China.  

The CIA declined to comment.

The mere existence of the report is a remarkable departure from what’s typical from China, which often denies U.S. accusations of its hacking activity but doesn’t provide public evidence of the U.S.’s own activity. 

The report comes three weeks after the U.S. government accused the Chinese military of  hacking credit-monitoring firm Equifax in 2017, exposing the personal data of 148 million Americans. 

Since 2013, western entities have regularly cried foul at alleged Chinese government hacking. Large cybersecurity companies like FireEye and CrowdStrike regularly publish detailed reports about what they say is Chinese hacking operations against their corporate clients. The U.S. Justice Department periodically charges Chinese government hackers by name, accusing them of using the information they steal to help Chinese companies get a competitive advantage.

The latest Equifax case is meant to establish a red line to dissuade China from engaging in similar activity in the future, current and former U.S. officials say. But with the Qihoo report, it’s clear that China has had enough of the U.S. government’s public spectacles, said James Mulvenon, author of the book Chinese Industrial Espionage.

“They’re sick and tired of being doxed and named and shamed,” he told Fortune. “And they just said ‘Hey, let’s give as good as we get.’”

Qihoo’s decision to cite the tools published by WikiLeaks as evidence of CIA responsibility— rather than publishing new details about the intrusions — is likely a calculated move. It means that China’s government doesn’t have to explain any of its own detection capabilities, which could compromise future monitoring of U.S. hacking..

The U.S. is widely known to engage in cyber-espionage. But unlike China, it says it draws the line at hacking that is intended to give domestic companies a competitive advantage. 

Undermining the reliability of the Qihoo report is that it gets a number of basic facts about the CIA’s organizational structure wrong. For example, it mistakenly said the CIA is divided into five major directorates, not four— information that’s easily found on the agency’s website.

More must-read stories from Fortune:

—How 5G promises to revolutionize farming
—Did the ‘techlash’ kill Alphabet’s city of the future?
—College backlash against facial recognition technology grows
In A.I., what would Jesus do?
Coronavirus is giving China cover to expand its surveillance. What happens next?

Catch up with Data Sheet, Fortune’s daily digest on the business of tech.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward