China’s Dirty Secret - Intellectual Property Theft

Chinese hackers have a long history of  breaking into the IT systems of some of the largest technology companies where they have copied andstolen industrial and commercial secrets. 

This is one aspect of a world-wide hacking operation called Cloud Hopper, according to a special report from Reuters. The Report states that teams of hackers connected to the Chinese Ministry of State Security have penetrated Ericsson, Hewlett Packard and IBM computing services and have used it as a method to infiltrate their customers. 

This process has been used to steal masses of corporate and government secrets for some years with the aim to improve Chinese commerce and economics. 

This attack “exploited weaknesses in those companies, their customers and the Western system of technological defense,” and this attack has been ascribed to China by the US and its allies. according to Reuters, although they were unable to determine the full extent of the damage done by the campaign and many victims are unsure of exactly what information was stolen.

Yet the Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats. 

Among those reportedly impacted in the large-scale attack by Cloud Hopper were: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, a spinoff from HPE  services arm in a merger with Computer Sciences Corporation in 2017.

As a result, more organisations that are part of the supply chains or customers of these service providers were also impacted, including Sabre, a leading travel reservation system that manages plane bookings in the US.  Huntington Ingalls Industries was also a victim. The company is reportedly the largest shipbuilder for the US Navy.

“This was the theft of industrial or commercial secrets for the purpose of advancing an economy,” Australia's former national cybersecurity adviser Alastair MacGibbon told Reuters. “The lifeblood of a company.”

China is making no effort to conceal its strategy for information dominance, said Tom Kellermann, chief cyber-security officer for Carbon Black

“This strategy was developed during the first Gulf War and a cornerstone of it is to conduct island hopping from [managed service providers] and telcos into their corporate client networks. Carbon Black research shows that island hopping is exploding and occurring 50% of the time as corporate brands are being used to target their clients.

“The systemic theft of intellectual property is coupled with the colonization of sensitive corporate networks, which allows the Chinese to become telepathic. The irony is Chinese hacking has dramatically increased as a reaction to the trade war. The overt colonization continues."

Infosecurity:       Reuters:

You Might Also Read:

‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak:

 

 

« Phishing, Malware & Cyber Security in Australia
Blockchain Will Be A Trusted Military Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Quadrant Information Security

Quadrant Information Security

Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Marlabs

Marlabs

Marlabs is a Digital Technology Solutions company that helps companies adopt digital transformation using a comprehensive framework including Digital Automation, Enterprise Analytics and Security.

IPKeys Technologies

IPKeys Technologies

IPKeys delivers innovative cybersecurity and technology solutions focused on helping the federal government reduce risk and protect the US from cyberattacks.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

Ballistic Ventures

Ballistic Ventures

Ballistic Ventures is a new kind of venture capital firm, built by and for cybersecurity entrepreneurs and investors.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

Amtivo Group

Amtivo Group

Amtivo provides Certification, Inspection and Training services to national and local Government bodies, multi-nationals, enterprise clients and SMEs.

C5 Technology

C5 Technology

C5 Technology specialises in the provision of networking, security, and infrastructure services to enterprises and government agencies.