Hacking group APT10 conducted a massive campaign to get unprecedented access to intellectual property and sensitive data from outsourced platforms.
There are fears that Irish-based businesses using managed or outsourced IT services may have fallen victim to one of the largest ever cyber espionage campaigns by hacker group APT10.
APT10 is one of dozens of threat groups around the world and is considered to be one of the most prolific in terms of the sheer quantity of information it has stolen.
‘There is every possibility that if Irish companies have their corporate data held by managed IT service providers, they should investigate immediately to see if their data has been compromised’
– PAT MORAN
The scale of the espionage campaign became increasingly apparent towards the end of 2016.
APT10 targeted managed services and outsourced IT platforms
The PwC cybersecurity practice said it is working closely with BAE Systems and the UK’s National Cyber Security to uncover and disrupt the campaign.
“While we do not know specifically the impact on Irish-based companies, what we do know is that there is every possibility that if Irish companies have their corporate data held by managed IT service providers, they should investigate immediately to see if their data has been compromised,” warned Pat Moran, PwC Ireland cyber leader.
“We do know that many large international organisations have been impacted in this way, their names being confidential.”
APT10 became increasingly known in 2016, but it is believed that its activities stem back to 2015.
The hacker group focuses on espionage activity, targeting intellectual property and other sensitive data from a wide range of sectors and countries. The group is known to have exfiltrated a high volume of information from multiple victims and used compromised networks to stealthily move this data around the world.
A number of Japanese organisations have also been targeted directly in a separate, simultaneous campaign by the same group, with APT10 masquerading as legitimate government entities to gain access.
“Ireland has recently established a National Cyber Security Centre to prepare for the Network Information Systems Directive, which comes into effect from May 2018. This centre will play a key part in helping Ireland to respond to similar cyber attacks.
“As result of the recent APT10 attack, I would advise all Irish organisations who have third-party relationships with managed service providers to ascertain if their data has been breached through discussions with their providers,” Moran urged.