Chinese hackers go after third-party IT suppliers to steal data

The hacking group APT10 has been blamed for the global cyberespionage campaign

Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers.

Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report.

That's because these suppliers often have direct access to their client's networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday.

The joint report doesn't identify which IT service providers were hit or how many were found breached. But the providers included several suppliers in enterprise services and cloud hosting.

"It is impossible to say how many organizations might be impacted altogether at this point," BAE Systems said in a blog post.

APT10 has been around since at least 2009 and is believed to be based in China, according to security researchers. To kick off their attacks, the hackers have used spear-phishing email schemes to trick their victims into installing malware, either through an attachment or through a link that leads to a malicious site.

screen shot 2017 04 04 at 12.43.08 pm PwC

Countries targeted by APT10.

From there, APT10 will try to steal the credentials from the IT service provider to hop over to their clients' private networks. The hackers will then move on to intellectual property theft, by using the IT service provider's own infrastructure to secretly exfiltrate the data.

APT10's hacking campaign has continued into this year. The group has targeted a whole range of industries across the globe including retail, energy, technology, and the public sector.

The UK's National Cyber Security Centre has warned the public about the hacking campaign.

“This incident should remind organizations that entire supply chains need to be managed, and they cannot outsource their risk,” it said in a statement.

Businesses should talk with IT service providers about how they protect access to their data and demand any changes needed, the UK center recommended.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Father’s Day Gift Guide

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?