Five Eyes countries of Australia, New Zealand, Canada, and the United Kingdom have followed the United States in expressing serious concern over a group’s actions to steal commercial intellectual property on behalf of China’s Ministry of State Security (MSS) through a malicious global hacking campaign, widely known as Cloud Hopper.
The countries each issued public statements condemning the hacking group known in global intelligence circles as Advanced Persistent Threat 10, or APT 10, all within a day of the indictment of two Chinese nationals by the United States for their alleged membership in the group.
The men had been involved in hacking operations with APT10 since 2006, according to the U.S. Justice Department.
“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system,” U.S. Deputy Attorney General Rod J. Rosenstein said in a statement.
APT10 is accused of targeting companies and government agencies in more than a dozen countries around the world, including in Asia, to steal their intellectual property and sensitive commercial data.
The cyber attacks are known to have begun as early as 2006 and focused on several large-scale managed service providers (MSPs). MSPs are specialist companies that manage IT services and infrastructure for many medium to large businesses and organizations.
“MSPs are an attractive, high-value target for threat actors. This is because MSPs typically have extensive access to multiple client networks in order to perform their job of IT specialist,” a statement from the Canadian government read.
The statement noted that if one MSP is compromised, multiple clients around the world would be at risk of being hacked, and face “loss of proprietary information, disruption to business operations, financial loss, and potential harm to the affected organization’s reputation.”
“It is highly likely that these accesses were used to engage in commercial espionage,” read a statement from the UK government.
Chinese State Accused of Breaking Promises
In their statements, the countries noted that the Chinese Communist state has not upheld its commitment to refrain from cyber-enabled theft of intellectual property, trade secrets, and confidential business data related to commercial advantages, as agreed by G20 nations in 2015.
The latest global hacking campaign is also in violation of the commitment that all APEC economies, including China, made in November 2016, the New Zealand Government Communications Security Bureau noted.
The United Kingdom and Australia said that in 2015 and 2017 respectively, China had directly reaffirmed the commitment bilaterally. This public condemnation on Dec. 20 (Dec. 21 in Australia) is the first time for both Australian and UK governments to publically name Communist China as the agent responsible for a malicious cyber campaign.
Australia’s Ambassador for Cyber Affairs, Dr. Tobias Feakin, said that Australia’s condemnation draws a firm line against the communist state’s hacking activities.
“The language that we’re using, we feel, represents how strongly we feel about this, which is incredibly strong,” Feakin told The Australian Broadcasting Corporation.
“As an international community, as Australia, we are now far more robust in the way that we will name and shame, and we will shine a light on activities that we think are unacceptable.”
UK foreign secretary Jeremy Hunt said that the hacking campaign is “one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date.”
“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld,” Hunt said in a statement.
Countries Issue Advice to MSPs and Businesses
Best practices guidelines for MSPs and their clients to protect against security threats have been issued by the governments of Australia, New Zealand, Canada and the UK in a move to resist the latest hacking campaign.
“The worldwide cybersecurity compromise serves as a reminder that all organizations must remain vigilant about security and that organizations such as MSPs must be responsible and accountable to those they serve,” a joint statement from Australia’s foreign minister Marise Payne and minister for home affairs Petter Dutton read.
According to the U.S. Justice Department, the APT10 group had targetted multiple industries and technologies. These include aviation, satellite and maritime technology, industrial factory automation, automotive supplies, laboratory instruments, banking and finance, telecommunications and consumer electronics, computer processor technology, information technology services, packaging, consulting, medical equipment, healthcare, biotechnology, pharmaceutical manufacturing, mining, and oil and gas exploration and production.
Chinese Subversion & Corruption of U.S.A is Deep and Far Reaching
In China, the Communist Party is using subversion, espionage and corruption against the United States, and is actively infiltrating and undermining key institutions to damage the United States and advance the interests of the Chinese regime.