Hackers working for China’s Ministry of State Security broke into networks of eight major MSPs and technology services providers in an effort to steal commercial secrets from the MSPs' customers, a Reuters report alleges.
The so-called Cloud Hopper attacks (aka Island Hopper attacks), according to Reuters, penetrated:
- Computer Sciences Corp. (now DXC)
- Dimension Data
- DXC Technology (HPE’s spun-off services arm)
- HP Enterprise
- IBM
- Fujitsu
- NTT Data
- Tata Consultancy Services
The service providers offered various comments downplaying the attacks or no comment about the alleged attacks to Reuters.
MSPs: Doorways Into Customer Systems
Ironically, most of those companies also have cybersecurity divisions that rank within the Top 100 MSSPs.
The hackers used those MSP and service provider networks as a springboard into end-customer systems, Reuters alleges. The victim end-customer systems included Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre, Reuters says.
Details about the attacks first surfaced in December 2018. At the time, only HPE and IBM were mentioned in media coverage about the alleged attacks. Fast forward to present day, and Reuters has now identified all eight service providers by name.
Even Small MSPs Are Under Attack
Hackers worldwide have been hitting MSPs of all sizes -- not just global technology service providers. The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.
Thousands of MSPs are pursuing more effective risk mitigation, cybersecurity, and data protection strategies. But there's plenty of room for more improvement.
Following one recent attack, an MSP bowed to hacker demands and paid more than $150,000 to recover data. In another ugly twist, some IT consulting firms and cybersecurity companies that claim to clean up ransomware are secretly paying attackers as part of their ransomware recovery services.
Amid those challenges, the MSP industry (spanning technology companies, service providers and more) could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.
