Tech companies IBM, HP, Fujitsu, TCS, NTT Data, Dimension Data and CSC were hacked to access client networks & data

Network security specialists claim that a hacker group working for China’s Ministry of State Security hacked the networks of eight of the world’s largest technology service providers for the purpose of stealing confidential information and their business customers’ data.

News agency Reuters has provided some details about this international hacking campaign, dubbed by experts as Cloud Hopper, attributed to China by the U.S. and its allied countries’ administrations. 

The report mentions that, in December 2018, the U.S. government detected an operation to illegally extract the intellectual property of Western companies to favor Chinese companies. Network security experts say large organizations such as IBM and HP have been impacted by this campaign.

According to Reuters, at least six other major tech companies, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, have been attacked by hackers.

The news agency also mentioned that at least twelve business clients of these companies have been affected. Victims include Swedish telecommunications company Ericsson, Huntington Ingalls (U.S. naval contractor) and Sabre, a booking agency.

In this regard, an HP spokesperson mentioned, “We have contacted our customers to implement mitigations against this attack and protect sensitive information”. For its part, DXC claims to have the best computer security practices, so none of its customers have been affected by this campaign. The rest of the companies mentioned by Reuters have not commented yet.

On the other hand, China’s government has denied such allegations, claiming that they are against any cyber intrusion activity for industrial espionage purposes. “China has never been part of any campaign for the theft of trade secrets”, China’s Foreign Ministry says.

Network security specialists from the International Institute of Cyber Security (IICS) mention that the full scope of this campaign is still unknown, and because of an attachment to ongoing research, impacted companies cannot share the entire relevant information, however, the number of victims is estimated to be much higher than has been confirmed so far.