A Chinese cyber security firm is covertly working with Beijing’s Ministry of State Security intelligence service in conducting cyber espionage operations, according to Pentagon intelligence officials.
The company known as Boyusec, officially the Bo Yu Guangzhou Information Technology Co., is also working with China’s global telecommunications company Huawei Technologies, which has been identified by U.S. intelligence agencies as linked to the Chinese military.
According to an internal report by the Pentagon’s Joint Staff J-2 intelligence directorate, Boyusec and Huawei are working together to produce security products that will be loaded into Chinese-manufactured computer and telephone equipment. The doctored products will allow Chinese intelligence to capture data and control computer and telecommunications equipment, said Pentagon officials familiar with the report.
“It’s closely connected to the [Ministry of State Security] and Huawei and they are developing a start-up program that will use malware allowing for capturing and controlling devices,” said one official of Boyusec.
No other details of Boyusec’s activities could be learned.
The employment of a cyber security firm as cover for intelligence gathering has been used in the past by Russian intelligence. China appears to be following the same pattern, analysts say.
The Defense Intelligence Agency reported last spring that Russia’s Kaspersky Labs was marketing security software for industrial control networks that the agency warned could create cyber vulnerabilities.
Government cyber actors from both China and Russia have been detected mapping American critical infrastructure networks, including the U.S. electrical grid.
Boysec’s website reveals that the company is based in Guangzhou, China, and is a “cooperative partner” with Huawei, along with the Guangdong Provincial Information Security Assessment Center, a government bureau that conducts security assessments of software.
Disclosure of Chinese security firm’s links to the Ministry of State Security followed a report in the New York Times earlier this month that China had pre-installed software on some Android phones that covertly provided a backdoor to supply data from the devices to China every three days.
Security researchers at Kryptowire discovered that the secret reporting software was produced by a company called the Shanghai Adups Technology Co. and was found on more than 700 million phones, cars, and other smart devices.