UK Companies Targeted In Major Cyber Attack Operation By China-Based Hackers

China-based have been breaching a variety of UK firms in a systemic global hacking operation, according to a report by National Cyber Security Centre (NCSC), PwC and BAE Systems.

A cyber criminal gang operating out of China known as APT10 was claimed to have been responsible for the attacks by PwC, which noted that customer malware and ‘spear phishing’ techniques were used against British firms to steal private data and intellectual properties.

“PwC UK and BAE Systems assess it is highly likely that APT10 is a China-based threat actor with a focus on espionage and wide ranging information collection,” the report said.

“It has been in operation since at least 2009, and has evolved its targeting from an early focus on the US defence industrial base (DIB) and the technology and telecommunications sector, to a widespread compromise of multiple industries and sectors across the globe, most recently with a focus on MSPs (managed service providers).”

China cyber attacks

The firm’s research, which involved an ‘unmasking operation’ dubbed Cloud Hopper, identified that APT10 benefits from having significant staffing and logistics resources and would appear to be constructed of multiple teams.

Though PwC and BAE have not worked out who or what is behind the hacker group, access to such resources would suggest that the APT10 could be a state-sponsored group, or could have the becking of large Chinese enterprises looking to steal intellectual properties from companies and rivals working the same business sector. However, at the time of writing this is merely speculation on our part.

What is particularly noteworthy of APT10’s hacking techniques is that they attack MSPs in order to gain access to network infrastructure and systems being provided to target companies, using connections to infiltrate a target’s network then ex-filtrate desired data in a stealthy fashion.

Japanese organisation were also a significant target for APT10, with the report noting that the hacker group systemically targeted government and commercial organisations by masquerading as legitimate public sector entities.

The attacks were said to be consistent with previous hacking operations that have been traced back to China-based threat actors.

While targeted attacks were found to be aimed at Japan and the UK, operations were alos targetead against companies in 14 nations, including France and the US.

With such attacks appearing to be growing in profile and occurrence, it is no wonder the UK government is putting solid support around the nations’ with its National Cyber Security Centres, setup to combat such large scale cyber-security threats.

How well do you know China’s relationship with IT? Take our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Malicious Online Ad Campaign Steals User Logins

'Magnat' malicious advertising campaign uncovered by Cisco Talos has been stealing login credentials and other…

22 hours ago

Waymo, Nuro Launch Robo-Delivery Services In California

Cruise starts robo-delivery service in Mountain View as Waymo plans limited trial of grocery-delivery service…

23 hours ago

NSO Spyware ‘Used To Hack US Diplomats’

Apple alerts employees of US State Department of hacking by NSO Group's controversial Pegasus spyware…

23 hours ago

Starlink Plans Services In India As SpaceX Breaks Launch Record

Starlink to apply for commercial licence to provide satellite broadband services in India, as parent…

24 hours ago

Musk Tesla Share Sale Surpasses $10bn

Elon Musk's Tesla share sell-off surpasses $10 billion as it reaches into fourth consecutive week,…

1 day ago

Uber To Pay $9m Settlement Over Safety Reporting Failure

Uber agrees to pay $9 million to settle dispute with California regulators over its failure…

1 day ago