China’s Dirty Secret - Intellectual Property Theft

Chinese hackers have a long history of  breaking into the IT systems of some of the largest technology companies where they have copied andstolen industrial and commercial secrets. 

This is one aspect of a world-wide hacking operation called Cloud Hopper, according to a special report from Reuters. The Report states that teams of hackers connected to the Chinese Ministry of State Security have penetrated Ericsson, Hewlett Packard and IBM computing services and have used it as a method to infiltrate their customers. 

This process has been used to steal masses of corporate and government secrets for some years with the aim to improve Chinese commerce and economics. 

This attack “exploited weaknesses in those companies, their customers and the Western system of technological defense,” and this attack has been ascribed to China by the US and its allies. according to Reuters, although they were unable to determine the full extent of the damage done by the campaign and many victims are unsure of exactly what information was stolen.

Yet the Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats. 

Among those reportedly impacted in the large-scale attack by Cloud Hopper were: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, a spinoff from HPE  services arm in a merger with Computer Sciences Corporation in 2017.

As a result, more organisations that are part of the supply chains or customers of these service providers were also impacted, including Sabre, a leading travel reservation system that manages plane bookings in the US.  Huntington Ingalls Industries was also a victim. The company is reportedly the largest shipbuilder for the US Navy.

“This was the theft of industrial or commercial secrets for the purpose of advancing an economy,” Australia's former national cybersecurity adviser Alastair MacGibbon told Reuters. “The lifeblood of a company.”

China is making no effort to conceal its strategy for information dominance, said Tom Kellermann, chief cyber-security officer for Carbon Black

“This strategy was developed during the first Gulf War and a cornerstone of it is to conduct island hopping from [managed service providers] and telcos into their corporate client networks. Carbon Black research shows that island hopping is exploding and occurring 50% of the time as corporate brands are being used to target their clients.

“The systemic theft of intellectual property is coupled with the colonization of sensitive corporate networks, which allows the Chinese to become telepathic. The irony is Chinese hacking has dramatically increased as a reaction to the trade war. The overt colonization continues."

Infosecurity:       Reuters:

You Might Also Read:

‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak:

 

 

« Phishing, Malware & Cyber Security in Australia
Blockchain Will Be A Trusted Military Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Hyper Recruitment Solutions

Hyper Recruitment Solutions

Hyper Recruitment Solutions is a specialist and highly compliant recruitment consultancy dedicated to the Science and Technology sectors.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Reed Smith LLP

Reed Smith LLP

Reed Smith LLP is an international law firm with offices in the USA, Europe, Middle East and Asia. Practice areas include Information Technology, Privacy & Data Security.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Haystax Technology

Haystax Technology

Haystax’s security analytics platform applies artificial intelligence techniques to identify and prioritize threats in real time.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

LEADS

LEADS

LEADS is considered as a leading ICT Solution Provider and an IT partner of choice in Bangladesh.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Drata

Drata

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

North Green Security

North Green Security

North Green Security is a UK-based cyber security training and consultancy company.

Viatel Technology Group

Viatel Technology Group

Viatel Technology Group is a complete digital services provider. We have over 26 years’ experience delivering fully managed security, networking, cloud and communications services.