Tata Consultancy, NTT Data Among Cloud Hopper Attack Victims: Reports
According to an indictment, there were teams of hackers—including the APT10 Group—all with connections to the Chinese Ministry of State Security which penetrated the victims’ networks and used them as a launchpad to attack their customers’ systems.
Four global solution providers were targeted by state-sponsored Chinese hackers who broke into their systems scavenging for intellectual property and corporate secrets, according to a Reuters report.
NTT Data, NTT Data subsidiary Dimension Data, Tata Consulting, Fujitsu, and DXC Technologies were all unmasked as victims of those attacks whose data, systems and customers were compromised by the years-long CloudHopper attacks from 2014 to 2017, Reuters reported.
According to a federal indictment, there were teams of hackers with connections to the Chinese Ministry of State Security, including the APT10 Group, which penetrated the victims’ networks and used them as a launchpad to attack their customers’ systems.
[RELATED: Chinese Hackers Hit Global Telecom Carriers, Security Firm Says]
“Waves of hacking victims emanate from” these attacks, among them telecom giant Ericsson, travel reservation firm Sabre, and Huntington Ingalls Industries—the largest shipbuilder for the U.S.—which builds submarines, Reuters said. The attacks were used to plunder those systems for corporate and government secrets to benefit Chinese economic interests, federal prosecutors have said.
In a statement in response to a CRN inquiry about the Reuters report, NTT Data did not directly address the Reuters report or the attack it referenced.
“We are constantly fighting against the ongoing threat of cyberattacks and malware, which includes conducting regular security assessments to protect against such ever-evolving threats,” NTT said in the statement. “In the event a client was impacted by such a security incident, we would immediately notify and work directly with that client to launch a thorough investigation and act as quickly as possible to remedy the situation.”
Tata, Fujitsu, and DXC Technologies did not respond to CRN’s request for comment.
As for DXC, which was formed from the spin-in merger of CSC and HPE’s services business in 2017, it told Reuters: “Since the inception of DXC Technology, neither the company nor any DXC customer whose environment is under our control have experienced a material impact caused by APT10 or any other threat actor.”
Bob Venero, CEO of Holbrook, N.Y.-based solution provider Future Tech, No. 101 on the CRN Solution Provider 500, said the China nation-state attack on top global solution providers is yet another wake up call for customers and solution providers on securing IT environments.
“Customers need to be very mindful when they are making decisions around utilizing outsourced IT providers because you are putting at risk all of your classified data that needs to be secured and could end up in the hands of a foreign entity,” said Venero. “I am not surprised. I have been preaching for years the need to secure your own IT house and infrastructure rather than handing over the keys to the house to an outsourced IT provider.”
Future Tech, in fact, has made a conscious decision to work closely with customers on securing infrastructure rather than acting as a full outsourced IT provider.
“There is a major challenge in IT business right now with security and breaches of global integrators, outsourced IT providers and MSPs,” he said. “Sometimes the outsourced providers are the low-cost option when they compete for capturing customer IT environments. When you have that type of low-cost provider, you can put your infrastructure at risk.”
Even as the global integrators move to secure their IT environments, Venero said, they are sure to be targets for more attacks.
“The major risk for companies when they use outsourced IT providers is that all their data and information, including government security data and personnel information, is at risk,” said Venero. “It is very difficult for a customer that has decided on outsourcing to control their security attributes. You can put a fence around your own house but you can’t put a fence around your service provider which is providing IT services for thousands of houses.”
Venero said Future Tech advises customers that data security is priority No. 1. “We tell our customers that they need to secure their data and infrastructure and that we can support them with security services design and implementation versus giving it to an outsourced provider,” he said.
Steven Burke contributed to this story.