Over the past year, Western media organizations have published a non-stop stream of reports about “Operation Cloudhopper”: The Chinese government’s clandestine program to spy on and siphon economic secrets from some of the world’s largest tech companies.
We have shared some details of the program before: China’s Ministry of State Security has worked with a shadowy group of hackers called ‘Advanced Persistent Threat’ 10 to infiltrate American and European enterprise tech firms using a very consistent MO: Hackers would infiltrate the cloud computing networks of ‘managed service providers’, then ‘hop’ from network to network’, gaining entree to the networks of these firms’ clients. Back in December, the US named some of the hackers suspected of working with APT10, and was backed up by Germany, New Zealand, Canada, Britain, Australia and other allies all issued statements.
Notably, the Chinese cyberespionage campaign continued even after Beijing and the Obama Administration agreed to a pact to cease all cyberespionage activities.
But as devastating as these attacks have been, the details have been kept under wraps, as corporate victims have pushed for their privacy to be protected. But for the first time since the US indicted the two suspected APT members, a sweeping Reuters investigation has laid out details of attacks, many of which have been previously reported, but not in quite as much depth.
An investigation by Reuters found that “Cloud Hopper” impacted six additional firms aside from IBM and HPE, which it had previously reported. These included at least five of the world’s 10 largest tech service firms. In addition to HPE and IBM, the hacks emanated out to those firms’ clients, including Swedish telecoms firm Ericsson, and a handful of Japanese fims. Ultimately, industrial and commercial secrets were stolen.
The hacking campaign, known as “Cloud Hopper,” was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple Western companies but stopped short of naming them. A Reuters report at the time identified two: Hewlett Packard Enterprise and IBM.
Yet the campaign ensnared at least six more major technology firms, touching five of the world’s 10 biggest tech service providers.