Hackers working on behalf of the State Security Ministry violated Hewlett Packard Enterprise and IBM networks and then used their customers ‘ hacking access
On behalf of the Chinese State Security Ministry, hackers breached the Hewlett Packard Enterprise and IBM networks and used hacker access to their clients, according to five sources familiar with these attacks. Their attacks were reported.
The attacks were part of a Chinese “cloudhopper “campaign which on Thursday the US and Britain declared infected providers of technology services to rob their customers of secrets.
Although cyber security firms and government agencies have made many warnings since 2017 regarding the Cloudhopper threat, their identity has not been revealed by technologies whose networks have been affected.
International Business Machines Corp said that there had been no evidence for the compromise of sensitive corporate data. It could not comment on the Cloudhopper campaign, Hewlett Packard Enterprise (HPE), said.
Companies and administrations are increasingly looking to technology companies known as managed service providers (MSPs) to remotely manage their IT activities including servers, storage, networking and assistance services.
Cloudhopper targets MSPs for customer networking and robs companies around the world of corporate secrets, according to a United States. Two Chinese nationals were federally charged unsealed on Thursday. None of the MSPs that were breached have been identified by prosecutors.
In both, IBM and HPE the specific claims made by the sources have not been commented on.
” With all our continuous efforts to protect the company and our customers from constantly growing threats, IBM has become aware of all the reported attacks and has taken extensive countermeasures worldwide, “the company said in a statement. ” We are taking customer data management very seriously and have no proof that this threat has compromised sensitive IBM or client data. ”
HPE static that in a 2017 merger of the Computer Science Corp which formed a new company, DXC Technology was launched by a large-scale managed service business.
” We give top priority to the safety of HPE customer data, “said HPE. “We can not comment on the specific details of the indictment but, in connection with the HPE divestiture of its Enterprise Services Business in 2017, HPE managed its service provider business moved to DXC Technology. “
DXC Technology refused to comment on reports on specific cyber events and hacking groups by stating that they are uncommented.
The name of other technology companies in violation could not be confirmed or any affected customers can be identified by Reuters.
Sources not authorized in the investigation of hacks to comment on confidential information said HPE and IBM were not the only leading technology companies with Cloudhopper ‘s networks affected.
For several years, Cloudhopper has infiltrated HPE and IBM networks with week and month breakdown according to other sources with knowledge of the subject, which targets technology service providers.
As recently as this summer, IBM investigated an attempt, and in early 2017, HPE conducted a major infringement investigation.
Another source said that the assailants were persistent, making it difficult to ensure safe networks.
The individual knew about IBM’s work. IBM addressed certain infections with the installation of new hard drives and new systems on infected computers.
According to the indictment, cloudhopper attacks date from at least 2014.
The indictment cited a cases in which MSP data in New York and clients in 12 countries such as Brazil, Germany, India, Japan, the United Arab Emirates, the UK and the U.S. were compromised by Cloudhopper. They were from the financial, electrical, pharmaceutical, biotechnological, car, mining, oil and gas exploration industries.
One high-ranking intelligence officer who refused to name victims, said that attacks against MSPs represent an important threat, since they mainly turned technology companies into launch pads for hackers of customers.
“By gaining access to an MSP, you can in many cases gain access to any one of their customers,” said the official. “Call it the Walmart approach: If I needed to get 30 different items for my shopping list, I could go to 15 different stores or I could go to the one that has everything.”
FBI and Homeland Security representatives refused to comment. U.S. government officials Can not reach the Chinese Embassy and the Department of Justice in Washington.
A spokesperson for the British Government refused to comment on the identities or impact of Cloudhopper ‘s breaches of companies.
” There were several MSPs affected, naming them with a potential trade impact on them and putting their competitors at an unfair disadvantage, “she said.