Groups of hackers called Cloud Hopper, APT10, and others, allegedly associated with the PRS Ministry of State Security, have been hacking major IT companies for years and have stolen data from many corporations using these services. According to Reuters, the Chinese hackers have stolen business secrets of their customers through IT companies. The agency names eight IT companies: Hewlett Packard Enterprise (HPE), IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology.
The investigators interviewed 30 people who were involved in Cloud Hopper-related investigations. Among them were officials of Western countries, heads of companies and computer security specialists. In addition, Reuters examined hundreds of pages of companies’ internal documents, including data from internal investigations, as well as lawsuits.
According to the agency, “the invasion used weaknesses of these companies, their clients and the Western technological protection system.” So, the authors of the investigation report that Chinese hackers broke into the HPE cloud service and used it to attack the American company’s clients, stealing corporate and government confidential information from them.
Among the organizations and companies affected by the attacks were the Swedish manufacturer of telecommunications equipment Ericsson, Saber air ticket booking system, the shipbuilding company Huntington Ingalls Industries, which builds ships for the US Navy.
At the same time, according to Reuters, it is difficult to estimate how much data was stolen and how many companies were affected.
The group called Cloud Hopper has been known for quite some time; in December, the American authorities already charged two Chinese citizens, allegedly associated with it. Reuters, citing sources in the special services, writes that IT companies hid information about hacking from customers for fear of reputational costs and lawsuits. This situation calls into question the ability of Western organizations to share information at the level necessary to protect against such complex cyber attacks.
Even now, many of the victims of the attacks do not know that any data was stolen from them.
In addition, these attacks revealed cloud service vulnerabilities in an environment where more and more companies are using such remote computer systems and data warehouses. IT giants themselves were not aware about the problem for years.
source: reuters.com
The investigators interviewed 30 people who were involved in Cloud Hopper-related investigations. Among them were officials of Western countries, heads of companies and computer security specialists. In addition, Reuters examined hundreds of pages of companies’ internal documents, including data from internal investigations, as well as lawsuits.
According to the agency, “the invasion used weaknesses of these companies, their clients and the Western technological protection system.” So, the authors of the investigation report that Chinese hackers broke into the HPE cloud service and used it to attack the American company’s clients, stealing corporate and government confidential information from them.
Among the organizations and companies affected by the attacks were the Swedish manufacturer of telecommunications equipment Ericsson, Saber air ticket booking system, the shipbuilding company Huntington Ingalls Industries, which builds ships for the US Navy.
At the same time, according to Reuters, it is difficult to estimate how much data was stolen and how many companies were affected.
The group called Cloud Hopper has been known for quite some time; in December, the American authorities already charged two Chinese citizens, allegedly associated with it. Reuters, citing sources in the special services, writes that IT companies hid information about hacking from customers for fear of reputational costs and lawsuits. This situation calls into question the ability of Western organizations to share information at the level necessary to protect against such complex cyber attacks.
Even now, many of the victims of the attacks do not know that any data was stolen from them.
In addition, these attacks revealed cloud service vulnerabilities in an environment where more and more companies are using such remote computer systems and data warehouses. IT giants themselves were not aware about the problem for years.
source: reuters.com