An ‘unprecedented’ number of UK firms have been compromised by a China-based cyber crime gang, in what it being described as ‘one of the largest ever sustained global cyber espionage campaigns’. A report by the national cyber crime agencies as investigatory bodies has revealed that the Chinese gang APT10 has been carrying out sustained attacks on UK firms since 2014 to gather personal data and intellectual property.
Using a series of custom malware and spear phishing techniques, the group garnered the data by targeting outsourced IT service companies. Using the companies as a way into their customers’ systems, the overall extent of the hack and the gang’s intentions are still unclear. PwC cyber security Partner Richard Horne told PA that the attacks spanned a whole range of sensitive and private information.
He said: "We've seen a number of different companies targeted for different reasons, but essentially it's all around sensitive information they hold, whether that's intellectual property, or personal information on people or a whole realm of other areas. It's a very large-scale espionage operation."
He added: "The reason we've gone public with this is because we can see so much and we have seen so much in several managed IT service providers (MSPs) and other companies compromised through it, but we don't know how far this has gone. Us, together with the NCSC and BAE Systems are very keen to get this information out there so we can promote a mass response to this."
The report – codenamed Cloud Hopper – also points to hacks against 14 other countries, including attacks on Japanese, French and US firms. Although APT10 has not responded to the allegations, those behind the report claim that it is ‘almost certainly’ the work of the China-based gang. A more detailed report explaining the true scale and nature of these attacks is expected to be released by the end of this week.