Hackers from China’s Ministry of State Security have reportedly broken into 8 of the world’s biggest technology service providers’ networks, to steal commercial secrets from their clients. Hewlett Packard and IBM were its 1st targets. In fact, HP didn’t even know it was being hacked for the first couple of years.
Now, among the 8 companies being hacked for sensitive data, lie the Indian major IT company, Tata Consultancy Services (TCS).
‘Operation Cloud Hopper’
Operation Cloud Hopper, the global espionage headed by China’s Ministry of State Security, has hacked into 8 of the world’s most secure technological networks. Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, along with IBM and HP are the 8 companies, fallen into the traps of the Chinese spies.
Speaking of TCS, it wasn’t just hacked but it was used as a platform to connect the spies to different points of access through TCS’s clients. In fact, they managed to hack Ericsson in the similar fashion. They got into Ericcson through the IT supplier Hewlett Packard Enterprise.
The Chinese government has clearly denied all the accusations against it. The Cloud Hopper brings wave of tension among different governments and officials of technology cos, struggling to manage security threats. Even with HP, each time it debugged the hack and secured its servers, the hackers returned with a stronger approach and managed to break in further.
How Did it Hack TCS?
For hacking into a service provider’s server, the Cloud Hopper sends emails, under an impression that it is being sent from a known candidate so that the targeted person can give in confidential data. This tricks the employees into downloading malware or disclosing their passwords. They then understand the environment and steadily move forward to the system administrator.
The system administrator is a very important as it is responsible to control the company’s jump servers, which direct a bridge between the service provider and its client’s networks. Once this is accomplished, the spies can collect all their necessary and sensitive data from their victim’s networks. In case of TCS, it seemed a though the hackers weren’t just merely searching, they knew where they had to look for.
Chinese hackers, including a group known as APT 10, managed to continue cyber attacks even in the presence of a counter-offensive environment by top security specialists and despite a 2015 US-China Pact to refrain from economic espionage.