Menu
Chinese hackers go after third-party IT suppliers to steal data

Chinese hackers go after third-party IT suppliers to steal data

The hacking group APT10 has been blamed for the global cyberespionage campaign

Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers.

Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report.

That's because these suppliers often have direct access to their client's networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday.

The joint report doesn't identify which IT service providers were hit or how many were found breached. But the providers included several suppliers in enterprise services and cloud hosting.

"It is impossible to say how many organizations might be impacted altogether at this point," BAE Systems said in a blog post.

APT10 has been around since at least 2009 and is believed to be based in China, according to security researchers. To kick off their attacks, the hackers have used spear-phishing email schemes to trick their victims into installing malware, either through an attachment or through a link that leads to a malicious site.

screen shot 2017 04 04 at 12.43.08 pm PwC

Countries targeted by APT10.

From there, APT10 will try to steal the credentials from the IT service provider to hop over to their clients' private networks. The hackers will then move on to intellectual property theft, by using the IT service provider's own infrastructure to secretly exfiltrate the data.

APT10's hacking campaign has continued into this year. The group has targeted a whole range of industries across the globe including retail, energy, technology, and the public sector.

The UK's National Cyber Security Centre has warned the public about the hacking campaign.

“This incident should remind organizations that entire supply chains need to be managed, and they cannot outsource their risk,” it said in a statement.

Businesses should talk with IT service providers about how they protect access to their data and demand any changes needed, the UK center recommended.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Why experience is the new battleground for partners

Join us for an exclusive webinar, in association with Hewlett Packard Enterprise and Technology Services Industry Association (TSIA) and learn about the latest industry insights and how technology services continue to evolve to deliver differentiated value, and how partners can be successful in 2021 and beyond.

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments