State-sponsored Chinese cyberattack was much worse than reported earlier


Last year, a report emerged in the media that a China-backed hacking group named APT10 had launched a cyber-attack campaign known as “Cloud Hopper” against 8 globally renowned Managed Service Providers (MSPs). It was revealed that the hackers spied on the world’s biggest technology service providers for years but were identified only at the end of 2018.

A report published by Reuters said that the hacking campaign was launched by APT10 to polarize the defense systems of companies operating in the West. The campaign was the subject of an indictment in December, where two Chinese nationals were arrested and prosecuted for identity theft and fraud.

In December 2019, the Wall Street Journal (WSJ) launched a special investigation into the Cloud Hopper campaign and found that it was much worse than what was reported earlier. The investigation revealed that Hewlett Packard Enterprise and IBM data centers were most affected by the campaign.

WSJ states that its investigation was launched to prove how vulnerable the data stored on third-party servers was and how easily the hackers were able to pursue it.

The study found that the campaign was in full swing even while the US and China were reaching a pact in 2015 to refrain from cyber-attack activities leading to economic espionage.

In simple terms, the hackers knew where to hit and what to hit, as one hacking tool contained the message “F$%k any AV”.

The Wall Street Journal’s story adds that the hackers from China managed to hack the networks of several clients of the MSPs, including Deutsche Bank AG, American Airlines, Philips, Rio Tinto, GlaxoSmithKline and an automobile firm from America which is now into selling electric vehicles.

Although the perpetrators are now arrested and prosecuted, the cyber threat they have planted in the minds of the technologists will remain forever.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
