A leading Chinese cybersecurity firm has accused the United States Central Intelligence Agency of using sophisticated malicious software to hack into computers belonging to the Chinese government and private sector for over a decade.
The accusation against the CIA comes from Qihoo 360, a prominent cybersecurity firm headquartered in Beijing. On Monday, the company published a report of its investigation on its website, written in both Chinese and English. The report identifies the hackers as “the CIA Hacking Group (APT-C-39)”, and says that the group has carried out activities against “China’s critical industries” for at least 11 years.
The report claims that APT-C-39 targets included China’s energy and civilian aviation sectors, Internet service providers, scientific research universities and organizations, and various government agencies, which it does not name. The majority of the hacker group’s targets were located in Beijing, and also in China’s Zhejiang and Guangdong provinces.
According to Qihoo 360, APT-C-39 must be a “state-level hacking organization”, judging by the hacking tools that it used. These tools, such as the malware that forensics experts have named Grasshopper and Fluxwire, are believed to have been designed by the CIA. They were leaked in 2017 by the international whistleblower website WikiLeaks. American authorities have charged a former CIA programmer, Joshua Schulte, with leaking the malware. Schulte denies the charges.
The Qihoo 360 report also claims that the hours during which APT-C-39 hackers appear to be active correspond to the working hours of the East Coast of the United States. It also suggests that one goal behind the hacking operations against airline industry targets was to access the travel itineraries of senior figures in China’s political and industrial circles.