Eight major tech companies allegedly hacked by ‘Chinese spies’

27 Jun 2019


Operation Cloud Hopper, which has been tied to the Chinese Ministry of State Security, is said to have ensnared eight technology firms in a series of sustained cyberattacks.

Eight of the world’s major tech companies were compromised by Operation Cloud Hopper, a hacking operation that has been linked to Chinese threat actors, a Reuters investigation has revealed.

Operation Cloud Hopper had already been called out by US authorities in December, when two Chinese men were indicted over a years-long hacking campaign that targeted the managed service providers of many of the world’s top technology firms. The men, identified as members of the group Advanced Persistent Threat 10 (APT10), were charged by a grand jury with conspiracy to commit computer intrusion, conspiracy to commit wire fraud and aggravated identity theft. It is believed this was done in order to advance Chinese economic interests.

“China’s goal, simply put, is to replace the US as the world’s leading superpower, and they’re using illegal methods to get there. They’re using an expanding set of non-traditional and illegal methods,” said FBI director Christopher Wray at the time. “China’s state-sponsored actors are the most active perpetrators of state-sponsored espionage against us.”

At the time, only two affected companies were named: IBM and Hewlett-Packard. However, the investigation revealed yesterday (26 June) further identifies Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology.

Through these providers, hackers were able to hit companies such as Swedish telecoms giant Ericsson, travel reservation system Sabre, and Huntington Ingalls Industries, the largest shipbuilder for the US Navy and a manufacturer of US nuclear submarines.

Currently, it is difficult to ascertain the full extent of the damage done by the attacks, and the companies affected have remained relatively tight-lipped on the situation.

Hackers infiltrated companies by breaching the defences of IT and cloud services providers connected to them, using that connection to ‘hop’ into the networks of these service providers’ clients. This element of the attack has, for many, further highlighted security concerns surrounding the use of cloud services.

“For those that thought the cloud was a panacea,” commented Mike Rogers, former director of the US National Security Agency, “I would say you haven’t been paying attention.”

Chinese cybercriminals were also linked to a series of attacks against more than a dozen global mobile carriers this week. As with this breach, hacking group APT10 was highlighted as being very likely to be behind the attacks. However, cybersecurity firm Cybereason was more circumspect in connecting it to the breaches, pointing out that many of the tools connected to APT10 are openly available.

The Chinese Embassy to Ireland has yet to respond to requests for comment on either incident.

Eva Short was a journalist at Silicon Republic
