(Reuters) – Chinese antivirus firm Qihoo 360 said CIA hackers have spent more than a decade breaking into the Chinese airline industry and other targets, a blunt allegation of American espionage from a Beijing-based firm.
FILE PHOTO: A sign of Qihoo 360 Technology Co Ltd is pictured at Internet Security Conference 2018 in Beijing, China September 4, 2018. REUTERS/Jason Lee/File Photo
In a brief blog post published on Monday in English and Chinese, Qihoo said it discovered the spying campaign by comparing samples of malicious software it had discovered against a trove of CIA digital spy tools released by WikiLeaks in 2017.
Qihoo – a major cybersecurity vendor whose research is generally followed for the insight it offers into China’s digital security world – said the Central Intelligence Agency had targeted China’s aviation and energy sectors, scientific research organizations, internet companies, and government agencies.
It published a catalog of intercepted malicious software samples as well as an analysis of their creation times that suggested that whoever devised the tools did so during working hours on the U.S. East Coast.
The CIA and the Chinese Embassy in Washington did not immediately return messages seeking comment. A message seeking additional comment from Qihoo’s chief security officer, Yuejin Du, was not immediately returned after business hours in Beijing.
The United States – like China and other world powers – rarely comments when accused of cyberespionage. There has, however, long been evidence in the public domain – released by former NSA contractor Edward Snowden, in the U.S. case, or by U.S. prosecutors and private cybersecurity firms, in China’s case – that both countries hack their opponents.
The allegations leveled against Beijing by U.S. companies have for years been laid out in lengthy, data-heavy reports. More recently, Chinese companies have begun doing the same with respect to other foreign hacking groups, including some that they say operate from U.S. soil.
Last September, for example, another Chinese antivirus firm, Qi-Anxin, published a report here that accused the CIA of hacking. Like Qihoo, it too said it had found evidence that American spies had targeted the domestic aviation sector. Also like Qihoo, Qi-Anxin’s researchers based their conclusions on the CIA software tools made public by WikiLeaks.
In its blog post, Qihoo said that the CIA’s alleged focus on the aviation sector could be intended to help it track real-time air passenger information, including “important figures’ travel itinerary.”
The accusations made by Qihoo and Qi-Anxin both stem from WikiLeaks’ 2017 release that the secret-spilling organization dubbed “Vault 7.”
U.S. prosecutors have accused a disgruntled CIA coder, Joshua Schulte, of handing the digital espionage arsenal to WikiLeaks as revenge for a series of professional setbacks, calling the leak “instantly devastating.”
“Years of work and millions of dollars developing those tools went up in smoke,” Assistant U.S. Attorney David Denton told a jury at Schulte’s trial in New York last month, according to a transcript here of his remarks.
“He did it out of spite.”
Schulte denies the allegation, saying he is being unfairly blamed for the breach because of his contentious relationship with his colleagues.
The Manhattan jury in Schulte’s case is expected to begin its deliberations Tuesday.
Reporting by Raphael Satter, Editing by Rosalba O’Brien