In order to gain access to the clients' computer, hackers of
the China's Ministry of State Security breached the networks of Hewlett Packard
Enterprise and IBM.
Being a part of the Chinese campaign Cloudhopper, the
attacks tainted technology service providers in order to steal secrets from
their clients. While the International Business Machines Corp said it had no
proof regarding the sensitive corporate data being co promised, Hewlett Packard
Enterprises (HPE) simply chose not to comment on the campaign.
Albeit multiple warnings were issued by numerous
administration organizations in addition to many cybersecurity firms about the
Cloudhopper danger since 2017, the identity of
the technology companies whose networks were imperilled has still not
being revealed yet.
As indicated by a U.S. federal indictment of two Chinese
nationals unsealed on the 20th of December, Cloudhopper was for the most part
centered on targeting the MSPs in order to easily access the client networks
and stealing corporate secrets from organizations around the world.
While both IBM and HPE refused to comment on the explicit
claims made by the sources, however they did give a statement each,
"IBM has been aware of the reported attacks and already
has taken extensive counter-measures worldwide as part of our continuous
efforts to protect the company and our clients against constantly evolving
threats. We take responsible stewardship of client data very seriously, and
have no evidence that sensitive IBM or client data has been compromised by this
threat."
HPE said,"The security of HPE customer data is our top priority.
We are unable to comment on the specific details described in the indictment,
but HPE's managed services provider business moved to DXC Technology in connection
with HPE's divestiture of its Enterprise Services business in 2017."
Reuters was neither able affirm the names of other breached
technology firms nor recognize any affected users.
Cloudhopper, which has been focusing on technology services
providers for quite a long while, is known to have been penetrated the systems
of HPE and IBM on numerous occasions in breaches that have gone on for a considerable
length of time.
While IBM examined an attack as of late as this mid-year,
HPE was not far behind as it directed a huge breach investigation in mid-2017.
