Cloud Hopper Attacks Far More Extensive than First Thought

Chinese hacker group APT10 has been plundering the cloud installations for dozens of businesses for over three years, but a news report by Reuters made their actions public knowledge. Now, further digging into the scandal has revealed that the group’s impact was far more extensive than initially suspected. Several major cloud providers have fallen prey to the group. However, many companies have failed to inform their clients that they may be the victims of this particular hack. Providers, hoping to protect their reputation, had simply told their clientele that the issue was dealt with when it wasn’t.

Targeting Major Cloud Providers

A report issued by the Wall Street Journal on the 30th of December, 2019 notes that at least a dozen cloud providers were caught in the breach, including massive brands like IBM and Canada’s CGI Group. Managed service providers are the ideal target for these hackers since once they breach the initial security, they have access to any of the data that the companies which use the service have stored on the server.

Full Disclosure a Serious Issue

The WSJ report comes on the heels of a Reuters scoop last year, which initially broke the news about APT10 and Cloud Hopper. The newest findings mention that over 10,000 records of US Navy Personnel were taken. The impact on company reputations has made it difficult for service providers to disclose details about the attack. However, the lack of knowledge about the events makes it even more difficult for cybersecurity firms and departments to work out what happened. The UK’s National Cyber Security Centre issued warnings to companies that they should be extremely wary of cloud providers that are unwilling to share information about security breaches.

Still Active but Only Just

Over the last year since the story broke, APT10 has gone mostly silent. The US Justice Department has arrested two individuals it thinks took an active part in the campaign. However, certain security companies still report software within the cloud pinging known APT10 IPs, making it likely that the group is still operational in some way.