China’s Dirty Secret - Intellectual Property Theft

Chinese hackers have a long history of  breaking into the IT systems of some of the largest technology companies where they have copied andstolen industrial and commercial secrets. 

This is one aspect of a world-wide hacking operation called Cloud Hopper, according to a special report from Reuters. The Report states that teams of hackers connected to the Chinese Ministry of State Security have penetrated Ericsson, Hewlett Packard and IBM computing services and have used it as a method to infiltrate their customers. 

This process has been used to steal masses of corporate and government secrets for some years with the aim to improve Chinese commerce and economics. 

This attack “exploited weaknesses in those companies, their customers and the Western system of technological defense,” and this attack has been ascribed to China by the US and its allies. according to Reuters, although they were unable to determine the full extent of the damage done by the campaign and many victims are unsure of exactly what information was stolen.

Yet the Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats. 

Among those reportedly impacted in the large-scale attack by Cloud Hopper were: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, a spinoff from HPE  services arm in a merger with Computer Sciences Corporation in 2017.

As a result, more organisations that are part of the supply chains or customers of these service providers were also impacted, including Sabre, a leading travel reservation system that manages plane bookings in the US.  Huntington Ingalls Industries was also a victim. The company is reportedly the largest shipbuilder for the US Navy.

“This was the theft of industrial or commercial secrets for the purpose of advancing an economy,” Australia's former national cybersecurity adviser Alastair MacGibbon told Reuters. “The lifeblood of a company.”

China is making no effort to conceal its strategy for information dominance, said Tom Kellermann, chief cyber-security officer for Carbon Black

“This strategy was developed during the first Gulf War and a cornerstone of it is to conduct island hopping from [managed service providers] and telcos into their corporate client networks. Carbon Black research shows that island hopping is exploding and occurring 50% of the time as corporate brands are being used to target their clients.

“The systemic theft of intellectual property is coupled with the colonization of sensitive corporate networks, which allows the Chinese to become telepathic. The irony is Chinese hacking has dramatically increased as a reaction to the trade war. The overt colonization continues."

Infosecurity:       Reuters:

You Might Also Read:

‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak:

 

 

« Phishing, Malware & Cyber Security in Australia
Blockchain Will Be A Trusted Military Solution »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

Emerson Electric Co

Emerson Electric Co

Emerson provides industrial automation systems and associated cybersecurity solutions to protect critical process control systems from cyber attack.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

SK IT Cyber Security

SK IT Cyber Security

SK IT provide services and solutions for cybersecurity and advanced information system engineering.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

Cyberfort Group

Cyberfort Group

Cyberfort exists to provide our clients with the peace-of-mind about the security of their data and the compliance of their business.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

Global Resilience Federation (GRF)

Global Resilience Federation (GRF)

GRF builds, develops and connects security information sharing communities for mutual defense.

Pacific Certifications

Pacific Certifications

Pacific Certifications provide accredited certification, training and support services to help you improve processes, performance and products and services.

Scalarr

Scalarr

Scalarr is an innovative, next-generation cyber security firm focused on automation and AI to detect and prevent threats in mobile and Edge/IoT infrastructures.