A trove of internal documents from the Chinese cybersecurity company was leaked, exposing close ties between company executives and the Chinese Communist Party’s (CCP) public security departments and international espionage operations.
The Epoch Times could not independently verify the authenticity of the documents.
2/3 of iSoon’s Clients From CCP’s Public Security Bureau
According to work chat logs between Mr. Wu and iSoon’s second-in-command, Chen Cheng (also known as lengmo), Wu requested on Sept. 15, 2020, that each sales project be reviewed individually to ensure the order rate, stating that projects from China’s public security bureau account for 2/3 of the company’s total sales projects.As a designated supplier for China’s Ministry of State Security, the company also holds qualifications for the CCP’s national security work. In 2019, it became one of the first certified suppliers of the Network Security Protection Bureau of the Ministry of Public Security, providing technology, tools, and equipment. In 2020, it was awarded the “Second-class Confidentiality Qualification for Weapons and Equipment Research and Production Units” by the Ministry of Industry and Information Technology.
The second-class confidentiality qualification is the highest level of confidentiality that non-state-owned enterprises can obtain, enabling iSoon to conduct confidential research and development related to national security. Following these certifications, in July 2021, iSoon was shortlisted for the network security protection project of the Aksu District Public Security Bureau in the Xinjiang region.
In 2021, the Sichuan provincial authorities ranked iSoon as one of the “Top 30 Excellent Information Security Enterprises” in the province.
iSoon’s website published 15 appreciation letters from partners and clients, most from provincial and municipal public security bureaus.
During a chat on Sept. 15, 2020, Mr. Wu mentioned that the Ministry of Public Security leadership told him to persevere.
“The leaders in the department told me to persevere,” he typed in Chinese. “Although we are not making money now and barely making ends meet, we have done well in niche areas. They told me to persevere.”
Attacking Southeast Asian Countries
Based on the leaked documents, iSoon boasted in presentations and other documents that they had infiltrated or attacked the Indian Ministry of Defense, NATO, and the UK’s National Crime Agency, as well as having long-term deep access to telecommunications companies, government departments, research institutions, and military systems in neighboring countries around China.The documents also include malicious software targeting various platforms, including Microsoft Exchange and Android, X (formerly Twitter) public opinion control system, and custom hardware for network penetration.
On Aug. 25, 2021, Mr. Chen suggested that Mr. Wu go overseas to obtain data of interest to the communist regime. According to the chat log, Mr. Chen told Mr. Wu, “There will definitely be demands for overseas landing. Get local people to do it will do … It’s all good when you start making money.”
Public Security’s Overseas Intelligence Collection in East Asia
The internal chat records of iSoon’s top executives confirm that the Ministry of Public Security’s 11th Bureau, 10th Division, is responsible for intelligence in Hong Kong, Macau, Taiwan, Southeast Asia, and Northeast Asia.The CCP’s Ministry of Public Security, 11th Bureau, also known as the Network Security Protection Bureau, is an internal institution responsible for handling illegal and criminal cases involving computers and information networks, managing the national public information network security surveillance police, commonly known as “Internet Police.”
Mr. Wu: “I don’t know if we can produce anything now. According to the new reform within the department, we are expected to have more contacts with the 10th Division in the future.”
“The 10th Division is now responsible for Hong Kong, Macau, Taiwan, and the neighboring countries in Southeast Asia and Northeast Asia.”
The undertaking unit of this special operation is the 11th Bureau’s 24th Division, with Hu Fengming as the person in charge, and internal numbers and mobile contact information are provided. Several “public security bureau network security defense teams” are mentioned at the beginning, and the “list of participating personnel” is listed at the end, with 32 participating police officers’ real names.
China Digital Times stated that through network searches and cross-verification, it independently verified the identities of some participating police officers on the list and confirmed that 11 were Internet police officers from various places, confirming the authenticity of the documents.