Things are never boring in the cyber security world. This week we have news of an extended Chinese campaign to steal Australian business secrets, a joint defence effort between Australia and New Zealand, and some updates on last month’s attack against Austal. We also have a summary on a massive data breach at Marriott’s hotels which exposed private data of up to 500 million bookings.
Chinese Government Agency Blamed for Spate of Attacks Against Australian Companies
An investigation from Fairfax Media and Nine News has revealed that the Chinese Ministry of State Security is behind a spate of cyber attacks that have become known as Operation Cloud Hopper.
According to the Sydney Morning Herald, an Australian official has labelled the threat as “a constant, significant effort to steal our intellectual property”.
The Ministry of State supported hacking group is known as APT10, and one of the key techniques involved in its attacks involves hopping from cloud services into the IT systems of its targets.
The hackers have been targeting cloud storage companies, IT providers and helpdesks and searching for weaknesses in their systems. They then used these weaknesses as footholds to make their way into a number of Australian businesses.
The names of the Australian companies have not been released at this stage, but it is alleged that the attacks were focused on stealing intellectual property from professional services, engineering and mining organisations.
The efforts are a clear breach of an agreement signed between former Prime Minister Malcolm Turnbull and Chinese Premier Li Keqiang, which aimed to put a stop to corporate espionage.
Australia and New Zealand Form Joint Effort to Protect the Pacific from Cyber Attacks
The foreign ministers from both countries plan to work together in efforts to maintain a secure, free and open internet among Pacific nations. They aim to promote stability and security in the region, as well as economic growth.
Radio New Zealand reports that Winston Peters, New Zealand’s foreign minister, said that his government was committed to help with cyber issues in the Pacific region.
“New Zealand was pleased to partner with Australia and Papua New Guinea to support cyber security capacity for APEC Leaders Week–and beyond–and we want to continue this collaborative approach across the region.”
The move comes after Australia committed an additional $9 million in funding for Australia’s Cyber Cooperation Program. This will bring the total investment in the region’s cooperation program to $38.4 million through to 2022.
Iranian Hackers Alleged to Be Responsible for Attack Against Australian Shipbuilder
At the start of the month, the shipbuilding firm Austal reported that their systems had beenhacked into. Some designs and employee information was stolen, but Austal stated that the files did not include any sensitive information.
The ABC claims that the Australian Cyber Security Centre (ACSC) “has determined the attack was most likely carried out by Iranian hackers.”
The chief of the ACSC, Alastair MacGibbon would not confirm the nationality of the hackers, but seemed to indicate that it was criminal-based, rather than the work of the Iranian government.
“The fact that this material was put on the dark web to sell to the highest bidder would have to suggest it’s a criminal matter.”
While no sensitive data seems to have been stolen in the attack, it’s a chilling reminder of just how easy it can be for a company’s systems to be breached. Austal is a major global shipbuilder with overseas and military contracts, so the attack could have been much worse.
Marriott Hack: Data Breach Exposes Private Data of 500 Million Bookings
The Marriott hotel chain has reported a data breach affecting the personal and financial details of up to half a million of its guests and 500 million bookings that have occurred since 2014. The company determined after an 11 day investigation by a forensic IT specialist that there has been unauthorised access to the database of its Starwood branch that has lasted for 4 years. The origins were linked to a cyber attack which occurred in 2014.
The data exposed included reservation information, combinations of names, address, phone number, email, passport number, as well as credit card details. The breach affected all global brands of Marriott including Westin, Sheraton, Le Meridien, St Regis and W Hotels.
If you want to bolster your company’s defences and prevent a potentially devastating breach, contact the team at Gridware. We can audit your systems and help you come up with a cyber security plan that suits the unique needs of your business.