The global hacking campaign known as “Cloud Hopper,” perpetrated by government-sponsored Chinese hackers, was much worse than originally reported, according to a Wall Street Journal investigation that you should read in full.
The report says that “at least a dozen cloud providers” were affected, but focuses on HP to illustrate the severity of the intrusions and the tactics used to attack and defend.
“The Journal found that Hewlett Packard Enterprise Co. was so overrun that the cloud company didn’t see the hackers re-enter their clients’ networks, even as the company gave customers the all-clear.”
“Inside the clouds, the hackers, known as APT10 to Western officials and researchers, had access to a vast constellation of clients. The Journal’s investigation identified hundreds of firms that had relationships with breached cloud providers, including Rio Tinto, Philips, American Airlines Group Inc., Deutsche Bank AG, Allianz SE, and GlaxoSmithKline PLC.”
“They came in through cloud service providers, where companies thought their data was safely stored. Once they got in, they could freely and anonymously hop from client to client, and defied investigators’ attempts to kick them out for years.”