In mid-February, Chinese cybersecurity firm i-Soon appeared to suffer a massive data leak, which offered unprecedented insight into the operations of the company, known to contract for many Chinese government agencies. The more than 500 documents include conversations between employees, sales pitches, and internal documents, and expose the firm’s hacking methods, tools, and victims. They also show in what ways the offensive cyber industries in China and the U.S. are surprisingly similar.

Eugenia Lostri, Lawfare’s Fellow in Technology Policy and Law, sat down with Winnona DeSombre Bernsen, nonresident fellow at the Atlantic Council, to talk through the leaks and her research into the key similarities and differences between the Chinese companies and their counterparts. They talked about how the Chinese government hoards vulnerabilities, the similar contracting headaches that firms in the U.S. and China suffer from, and how the findings from this leak can be used to develop better norms.

You can listen to the podcast conversation, “China’s Approach to Software Vulnerabilities Reporting,” with Dakota Cary and Kristin Del Rosso here. The conversation, “Rules for Civilian Hackers in War with Tilman Rodenhäuser and Mauro Vignati” is here.

Support this show http://supporter.acast.com/lawfare.

Hosted on Acast. See acast.com/privacy for more information.