In-brief: On the eve of a high-profile meeting between China’s President Xi Jinping and U.S. President Donald Trump, new reports underscore the continued scourge of Chinese spying on- and theft from the U.S. and its allies. (Editor’s note: this post is excerpted from one that appeared on Digital Guardian’s blog.)
You could call the timing “awkward.” On the eve of a major summit between the U.S. President and the Chinese leader, a report from PWC and BAE Systems have shone a light on an extensive and on-going campaign of cyber espionage that targeted U.S. and Japanese firms, among others. This, despite a supposed cyber détente between the two countries that was hammered out during President Obama’s second term.
The report may give President Trump and Chinese President Xi Jinping something to discuss at the club house at Mar a Lago during the Chinese leader’s visit this week, though the Tomahawk missile attack on a Syrian air base is likely to provide plenty of fodder for dinnertime conversations.
The joint report on a long-running campaign, dubbed Cloud Hopper, said that a group with known connections to the Chinese military infiltrated firms in the US, EU and Japan. Notable was the hackers decision to first hack into managed IT service providers (or MSPs) to gain access to the intellectual property and sensitive data of both the MSPs and their clients.
The hacking group responsible, dubbed APT 10, has been active for years and has previously targeted U.S. government and U.S. defense industrial base (DIB) organizations, going back to 2009, the two companies reported. After reports about Chinese state-sponsored hacking cropped up in the media in 2013 and 2014, largely due to the work of firms like FireEye, that activity appeared to have died down. However, in recent months, the APT 10 group has expanded its work to both MSPs and Japanese firms, PWC and BAE reported.
And that’s not all. The security firm Fidelis added to the intrigue on Wednesday with a blog post that linked the Cloud Hopper campaign to an attack on The National Foreign Trade Council (NFTC), a prominent U.S. trade lobby group and advocate on international trade policy that counts firms like Wal-Mart, Johnson & Johnson, Amazon and Microsoft as members.
Hacking systems used by such a group could provide Chinese diplomats and officials with a heads up on U.S. talking points and concerns going into the Trump-Xi summit, experts note.