Massive ‘Cloud Hopper’ cyberespionage campaign targeted eight tech service providers to steal trade secrets

• The attackers leveraged the so-called ‘spear phishing’ email to trick employees into downloading malware or giving away their passwords.
• The team of hackers behind the campaign are believed to be the work of an APT 10 threat actor group who is associated with the Chinese Ministry of State Security.

The latest report has revealed that Chinese hackers had targeted eight large technology service providers across the globe as a part of a global hacking campaign dubbed Cloud Hopper. The attack was carried out by Chinese hackers with an aim to steal corporate assets and trade secrets.

Which are the impacted firms?

Earlier reports had identified Hewlett Packard Enterprise and IBM to be impacted by the campaign. However, Reuters’ investigation has disclosed that the campaign has ensnared at least six more major technology firms.

The six other victim companies are Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology. HPE had spun-off its service arm in a merger with Computer Sciences Corporation in 2017 to create DXC.

Who is responsible?

Although it is still unclear as what data was stolen in the campaign, Reuters has revealed that the attack had also affected the telecommunications & networking firm Ericsson, travel reservation platform Sabre and Huntington Ingalls industries. The team of hackers behind the campaign are believed to be the work of an APT 10 threat actor group who is associated with the Chinese Ministry of State Security.

How was it carried out?

The attackers leveraged the so-called ‘spear phishing’ email to trick employees into downloading malware or giving away their passwords. The attack was initiated after hackers penetrated HPE’s cloud computing service and used it as a launchpad to attack both customers and clients. This enabled the attackers to pilfer a huge volume of corporate and government secrets.

Worth noting

The investigation found that these service providers had withheld information from hacked clients, out of concern over legal liability and bad publicity. The campaign also highlights the security vulnerabilities inherent in cloud computing services.

How did the companies respond?

Reuters interviewed 30 people involved in the Cloud Hopper investigations. It has found that HPE has worked diligently to mitigate the attack to protect its customers’ information.

“We remain vigilant in our efforts to protect against the evolving threats of cyber-crimes committed by state actors,” said spokesman Adam Bauer. Commenting on behalf of DXC, Bauer told, “Since the inception of DXC Technology, neither the company nor any DXC customer whose environment is under our control have experienced a material impact caused by APT10 or any other threat actor.”

IBM also reported having no evidence if any sensitive data was compromised in the attack.

On the other hand, the Chinese government has declined all accusations of involvement in hacking. “The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets,” said Chinese Foreign Ministry, Reuters reported.