In June 2019, a Reuters investigation reported on a hacker consortium of Chinese cyber spies. Referred to as ‘Cloud Hopper’, these hacks were found to have been carried out over multiple years, affecting eight of the world’s largest technology service providers. These providers serviced some of the largest organisations in the world, including Ericsson, Philips, American Airlines, Deutsche Bank, Allianz and GlaxoSmithKline, among others. The hacks, in fact, were so massive in magnitude that it is difficult to put a pin on the exact figure of damages in dollars, and the sophisticated nature of the hacks figured out a way to infringe cloud data networks by going undetected for a long span of time.
The teams of hackers behind the Cloud Hopper network were connected to the Chinese Ministry of State Security. When they initially targeted the clients, their efforts were detected by investigators and cyber security teams, and subsequently thwarted. In response, they then went on to target some of the largest technology service providers in the world, including Tata Consultancy Services, Fujitsu, and as mentioned in the WSJ report, HP Enterprise. Through this attack, they entered the cloud networks operated by the tech firms, and subsequently gained access to highly sensitive commercial client data on the cloud network. They used the latter to enter the client networks, hence inflicting damage worth many millions of dollars.
An example of the extent of these hacks, and the kind of commercial damage this could have impacted, can be found in the earlier Reuters investigation. One of the compromised clients include Ericsson, which deals in critical mobile and telecommunications network infrastructure, rivalling the Chinese technology and electronics conglomerate, Huawei. With the latter already in global crosshairs for its ties with the Chinese government, the damage inflicted from critical data stolen from Ericsson can be to the tune of many billions of dollars worth business globally. This can further allow Chinese firms to take advantage of the data and turn business ties accordingly, and this is only the tip of the iceberg.
Other firms affected as a result of the continued Cloud Hopper attacks, which had Western security watchdogs confused, include the likes of banking major Deutsche Bank, medicine and healthcare giant GlaxoSmithKline PLC, and even American Airlines. Above all, the report highlights the increasingly sophisticated nature of the hacks, and how data kept with third party cloud storage operators can be severely vulnerable and expose critical data belonging to millions of consumers. As the WSJ report found out, HP Enterprise failed to detect the infiltrators re-entering their networks, and gave its customers an all-clear in terms of the safety of its cloud servers. The resultant damages amount to such high volumes that it is, in fact, being called the largest corporate espionage efforts, ever.
Get the best of News18 delivered to your inbox – subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what’s happening in the world around you – in real time.