Hey China, while you're in all our servers, can you fix these support tickets? IBM, HPE, Tata CS, Fujitsu, NTT and their customers pwned

www.theregister.co.uk | 6/26/2019 | Staff
Posted by TitanSwimr (Level 3)

Fresh details have emerged revealing just how deeply Chinese government hackers plundered HPE, IBM, DXC, Fujitsu, Tata, and others, stealing corporate secrets and rifling through their customers' networks.

An explosive in-depth report by Reuters today blows the lid off APT10, the infamous Beijing-backed hacking operation that was this week accused of hacking mobile carriers around the world, and has long been believed to be behind raids on corporations and organizations, siphoning off blueprints and databases for the President Xi regime.

The bombshell builds on last year's revelations that a multi-year operation known as Cloud Hopper had worked its way into the internal networks at HPE and IBM, stealing corporate data and trade secrets along the way, and then drilled into customer systems. The hackers compromised customer servers that were managed by the IT giants, or slipped in via network links between the tech providers and their big-name clients. Hence the name: Cloud Hopper.

The revelations mean that the reach of the Cloud Hopper operation was far greater than first feared. In addition to the tech goliaths themselves, the hackers pushed their way into customer systems from the compromised providers, dramatically increasing the pool of valuable industrial and aerospace data stolen. Beijing's miscreants had not just access to the internal files of HPE, IBM, Tata CS et al, but also their network-connected customers, putting designs, plans, personal information, and more, at their fingertips. Jackpot.

We're told that the APT10 crew would typically find and exploit a vulnerability in an external-facing server to break in, or spear-phish an employee to gain access to their intranet account.

From there, they harvested additional account credentials from the compromised machine, and used those to access other boxes and services on the network, which were in turn ransacked for more login details, and used to further move around the network until the...
(Excerpt) Read more at: www.theregister.co.uk