A China-linked hacking group is currently on the attack, targeting cloud service providers and managed service providers (MSP) in the U.S., warned the U.S. government and multiple cybersecurity firms.
The hacking group, known as Cloudhopper, APT10 and Red Leaves, has in the past focused primarily, but not exclusively, on theft of intellectual property and cyber espionage operations targeting high-tech industries including telecommunications and manufacturing. Cloudhopper’s previous hacking barrage in April 2017 succeeded with a combination of spearphishing and malware techniques. It is unclear from the reports if their current activities have evolved beyond these approaches.
MSPs are a frequent target of hackers because they manage a large number of clients. A single compromised provider can open the vault to the digital keys for hundreds networks. This approach is known as a “supply chain attack,” where a single weak link provides access to a significantly larger attack surface.
As Sino-US tensions have increased over tariffs and a potential trade war, hacking efforts originating in China have picked up in the last 18 months, signaling an apparent end to a cyber armistice agreed upon by then-President Barack Obama and Xi Jinping.
Read more about the story here.