The I-Soon Files: China’s Surveillance Web on Pakistan’s Data Infrastructure



By Lucas Smith

A massive data leak from Chinese cybersecurity firm Shanghai Anxun Information Technology Co., Ltd (trading as I-Soon) has offered a rare glimpse into the extent of the surveillance of, and illegal direct access to, the sovereign data of Pakistan that China holds.

On February 16, 2024, an anonymous user posted a huge cache of internal documents pertaining to I-Soon on GitHub (repository now taken down). It contains a variety of information, ranging from internal chat logs to technical documentation of tools or services provided by the company to its customers.

The leak revealed that I-Soon has targeted Pakistan Government data and had full access to the data of the Anti-Terrorism Centre of Pakistan, the data of the Police Department of Punjab Province and the communications data pertaining to the Zong telecom operator. It is interesting to note that Zong, a major telecom player in Pakistan, is itself owned by the Chinese telecom firm China Mobile.

From the leaks, it is evident that I-Soon works very closely with the Ministry of Public Security of China and has the Public Security Bureaus of various provinces of China as its clients. The hacked Pakistan Government data were accessed by Public Security Bureau officials in China through this firm.

The leak is particularly noteworthy because I-Soon belongs to an ecosystem of private actors providing hacking-for-hire services as well as intrusion technologies to the Public Security Bureaus and other security and intelligence agencies of China. Though Pakistan is claimed to be an all-weather ally of China, in practice China hardly trusts Pakistan, hence this indirect access.

Chinese enterprises are fully entrenched in all domains of the Pakistani establishment, including its all-powerful army. Huawei and ZTE have fully established the internal telecommunication network for the Pakistan Army, and all sensitive communications of the Pakistani army pass through this network. With these leaks, it can be safely assumed that China would have complete access to the data flowing through this network.

Pakistan has fully supported the genocidal actions of China against the Uyghur Muslims in China. Pakistan has deported many Uyghurs who are wanted in China. Despite this strong support on the Uyghur issue, China doesn’t fully trust Pakistan.

Considered a haven and fertile ground for terror organizations, Pakistan has provided a conducive environment for terror entities to flourish. This is evident from the growing foothold of terror organizations such as TTP in Pakistan. The TTP is able to conduct terror attacks in Pakistan at will. The Pakistani establishment has neither the means nor the intention to stop the activities of these terror organizations. This being the case, China believes that ETIM could grow strong in Pakistan and create a threat to it. This could be one of the strong reasons for China to have complete access to the sovereign data of the Pakistani establishment, so that it can take independent action against entities working to harm China. China's mistrust of Pakistan is not going to change for at least a decade.

Lucas Smith is an anthropologist based in New York City. 

Note: The contents of the article are the sole responsibility of the author. Afghan Diaspora Network will not be responsible for any inaccurate or incorrect statement in the articles.
