China’s Aussie spy database: Five things you need to know
More than 35,000 Australians, from singer Natalie Imbruglia to billionaire businessman Mike Cannon-Brookes, have been revealed as targets for Chinese espionage after a database of names, addresses, and personal details was leaked overnight.
The huge Australian contingent was among 2.4 million people profiled in the Overseas Key Information Database (OKIDB) that is believed to have been used by China's Ministry of State Security.
But many are now asking who created the list, who is on it, and what it was used for. This is what you need to know about the latest international incident between China and Australia.
WHO CREATED THIS LIST?
The list was allegedly created by a Shenzhen-based company called China Revival, also known as Shenzhen Zhenhua, and was leaked to an American researcher, Christopher Balding, by a source connected to the company.
Mr Balding shared it with other academics including Canberra cybersecurity firm Internet 2.0, led by Robert Potter, and released a research paper about its contents.
Together, they were able to extract the records of 250,000 people listed in the database, including 35,000 prominent Australians.
WHO IS ON THE LIST?
A huge range of people were listed in China Revival's database, from politicians and political aides to celebrities, billionaires, journalists, and military personnel.
Australian fitness guru Kayla Itsines made the list alongside Nine chief executive Hugh Marks.
Prime Minister Scott Morrison was profiled, as well as Foreign Affairs Minister Marise Payne, former PM Malcolm Turnbull and his children Alex and Daisy, and the son-in-law and son of former PM Kevin Rudd.
Information was also harvested on Reserve Bank of Australia Governor Philip Lowe, Atlassian co-founders Mike Cannon-Brookes and Scott Farquhar, and singer Natalie Imbruglia.
The list also included British and American targets, including the Queen, Prince Charles, and the Dukes of Cambridge and Sussex.
The researchers accessed the records of 51,000 Americans, 10,000 Indians, 10,000 Britons, 5000 Canadians, and 793 Kiwis.
WHERE DID THE INFORMATION COME FROM?
China Revival drew information from multiple sources to compile its database.
The database includes birthdates, addresses, photographs, marital status, family details, friendships, and political associations, alongside deeply sensitive information such as criminal records.
According to the researchers, the company "appeared to crawl information platforms to build out personal and professional profiles of key individuals globally".
It may have used existing databases and added other information harvested from social networks, such as Facebook, Twitter and LinkedIn.
But as much as 20 per cent of the information listed in the database was not easy to find through public sources, the researchers warned, and may have come from unauthorised access.
HOW WAS IT USED?
The database appears to have been designed for "information warfare," the researchers found, and "attempting to influence the debate and narrative about China".
The information on file, they noted, could "provide China enormous benefit in opinion formation, targeting, and messaging" and could be used to create messages to appeal to specific individuals.
Before news of the database was exposed, Shenzhen Zhenhua's website boasted that "social media can manipulate reality and weaken a country's administrative, social, military, or economic forces" in what it called "hybrid warfare".
The company shut down its website after journalists inquired about the database.
CAN I CHECK IF I AM ON THE LIST?
The database has not been made publicly available, but Mr Balding said he had shared it with government officials, journalists and other researchers to analyse its contents and understand how it had been used.
"What cannot be underestimated is the breadth and depth of the Chinese surveillance state and its extension around the world," he said in a statement.
"The world is only at the beginning stages of understand how much China invests in intelligence and influence operations using the type of raw data we have to understand their targets."
Australian Cyber Security Cooperative Research Centre chief executive Rachael Falk said the exposure of this database should act as a wake-up call to all internet users that the photos, comments, and personal information they put online could be used against them like "one global trash and treasure".
Originally published as China's Aussie spy database: 5 things you need to know