Zhenhua Data leak of the personal information of 35,000 Australians.

September 15, 2020 |

The collection and analysis of vast amounts of personal information is the hugely valuable for business, politics and public administration. It has been described as the twenty first century equivalent of what oil was to the twentieth century. It has revolutionised the way business is done and services are provided, for profit and otherwise.  The use of personal information has more dystopian uses, such as  surveillance by states as well as being able to used as part of a cyber campaign.

China is at the forefront of the cyber triaphilia; a keeness bordering on obsession with surveillance, a proficiency in cyber attacking and, finally a willingness and often desire to interfere with other states activities or at least individuals in those states.

Zhenhua Data is a company whose main clients are the Chinese Communist Party and the Peoples Liberation Army.  That is neither here nor there except that the ABC reports in Chinese database collects information on thousands of Australians, from PMs to pop stars it had built up a data base of 35,000 Australians according to a leak of 2.4 million entries in data leaked from Zhenhua Data.  The data base seems to have been built up with information publicly available but also sources which would normally keep that information private.

There has been much hand wringing as to why  a Chinese data firm collect information about a disparate group of people who seemingly have little to do with each other beyond them being public figures to a greater or lesser degree. The answer is quite straightforward.  Most governments keep files on influential political and industry figures of countries with whom they do business or have a strategic relationship. That is part of what the Department of Foreign Affairs does.  There is little sinister in that.  Knowing how an ally will react or how decisions are made in a neighbouring country is important.  An autocracy or worse is always obsessive about collecting data on leaders in a society.  When the Russians invaded Poland in 1939 and in overunning Eastern and Central Europe in 1944/45 the NKVD followed with lists of professionals, landowners, politicians.  The Nazis did the same in the countries it invaded.  It is not necessary for dictatorships to seize individuals.  With mass data collection and the option to cyber attack more information can be collected on more people and it can be used in ways more sophisticated than detaining individuals.

The article is a salient lesson on the need to keep personal information not only private but also secure.

The article provides:

What do Prime Minister Scott Morrison, tech billionaire Mike Cannon-Brookes and pop star Natalie Imbruglia have in common?

Each of them is the subject of entries in a vast database of people’s personal information, compiled by a company with links to the Chinese Government.

Revelations of the database have raised further questions about the extent of China’s global surveillance operations, and concerns for the privacy of the more than 35,000 Australians who appear in it.

And cyber-security experts say the leak contains lessons for us all.

So what exactly does this database contain?

The database was put together by Zhenhua Data, whose main clients include the Chinese Communist Party and the People’s Liberation Army.

It has 2.4 million entries, of which just over 10 per cent were accessed and restored by cyber security experts from Canberra company Internet 2.0, which was handed a leaked version of the database.

The 250,000 restored entries include 35,558 relating to Australians, with details including dates of birth, addresses, marital status, relatives, criminal records and political associations.

The restored entries also include profiles of citizens from the US, the UK, India, Indonesia, Canada, Malaysia, New Zealand and Papua New Guinea.

In some instances the profiles include news articles about the subject, images, and social media handles.

But Rachel Falk from the Cyber Security Cooperative Research Centre said more concerning was the fact some profiles appeared to draw on confidential bank records, job applications and psychological profiles.

Who has been affected?

Several prominent figures are among the 35,000 Australians discovered in the restored part of the leaked database, including state and federal politicians, military officers, diplomats, academics, civil servants, business executives, engineers, journalists, lawyers and accountants.

It’s not clear how people were selected for entry into the database.

Current and former prime ministers are on the list, as well as leading businessman David Gonski, Jennifer Westacott from the Business Council of Australia, and the billionaire founders of tech company Atlassian, Scott Farquhar and Mike Cannon-Brookes.

More than 650 Australians in the database are listed as being of “special interest” or “politically exposed”. However, it isn’t known how the company defines those terms, and there’s no suggestion anybody on that list has done anything wrong.

Among people on that list are the aforementioned pop star Natalie Imbruglia, Victorian Supreme Court Judge Anthony Cavanough, retired Navy admiral and former Lockheed Martin chief executive Raydon Gates, former ambassador to China Geoff Raby, former Tasmanian premier Tony Rundle and former NSW premier and federal foreign minister Bob Carr.

Also included are One Nation co-founder David Oldfield, National Party President Larry Anthony, former treasurer Peter Costello’s son Sebastian, ex-Labor MP Emma Husar, News Corp journalist Ellen Whinnett and rural businesswoman and ABC director Georgie Somerset.

How did Zhenhua get hold of all this information?

Much of the information could have been collected through open source techniques, as it is often freely available online.

It leaves open the possibility much of the data could have been collected by simply trawling through publicly available data.

“It seems to be that the database is comprised of what we call open source data. That comes from social media sites, it could be from news sites and blog sites,” Ms Falk said.

“Certainly what was concerning was the allegations of psychometric reports or financial information, and that is not information that should be freely available on any open source web search.”

Cyber security expert Clive Hamilton, from Charles Sturt University, said Zhenhua may have been collecting the information from inside Australia.

“The company … boasts that it has 20 information collection centres spread around the world,” he said.

“This suggests that there’s almost certainly one in Australia. So that means somewhere in Australia, there is a Chinese state-owned company that is sucking up data from across Australia and feeding it into China’s intelligence service.”

But Ms Falk said she was unsure that would be necessary.

“The worldwide web is worldwide … so there is no reason to suggest they would need to be located in Australia at all,” she said.

Why would they want to do this?

Ms Falk said there could be several motivations behind collecting the data.

“It could be to see or determine the vulnerabilities, it could be used by others to phish or to gain access to them, so send them an email to gain access to a system.”

She said some of the data collected would be invaluable to cyber criminals if it fell into the wrong hands.

“That list would be incredibly valuable to see what people’s potential vulnerabilities will be, or their interests might be,” she said.

“There could be a range of sinister and benign reasons, some of which we may not know for some time.”

Given so much of the data appeared to have been collated from social media and other public sources, Ms Falk said the leak contained a lesson for all Australians.

“I think [it’s] a wake-up call that whenever you post information on a website, or openly on social media, it is one global ‘trash and treasure’,” she said.

“If you post information for everyone to read, you have to expect that many people will read it.”

Leave a Reply