US believes Chinese intelligence behind Marriott hack

[nir]

© Provided by AFP US Secretary of State Mike Pompeo says China is waging a global campaign of cyber attacks, including hacking the customer database of the Marriott hotel chain

The United States said Wednesday that China was behind the massive hack of data from hotel giant Marriott, part of an ongoing global campaign of cyber-theft run by Beijing.

 

Secretary of State Mike Pompeo confirmed to Fox News' Fox & Friends program that the government believes China masterminded the Marriott data theft.

 

"They have committed cyber attacks across the world," he told the show.

 

"We consider them a strategic competitor. They are taking actions in the South China Sea. They're conducting espionage and influence operations here in the United States," he said.

 

The Marriott hacking allegation came amid heightened tensions between Beijing and Washington that encompasses geopolitics, trade, technology rivalry and espionage.

 

Last week Canada arrested an executive of Huawei, China's leading telecommunications company, at the request of the United States, which plans to charge her with fraud charges related to sanctions-breaking business dealings with Iran.

 

China has responded in kind, detaining a former Canadian diplomat, Michael Kovrig, who is now a China expert at the International Crisis Group security consultancy.

 

In addition, Washington is expected this week to unveil new charges against Chinese military and intelligence hackers as it seeks to counter what is seen as a broad-based, sustained cyber threat against US government and corporate targets from Beijing.

 

The Marriott hackers, who stole detailed data on some 500 million customers of the world's largest hotel company, are believed to have been working for China's Ministry of State Security.

 

Washington sees them as part of an espionage effort that has targeted health insurers and the US civil service employment database.

 

Marriott revealed on November 30 that cyber-thieves had been in the systems of its Starwood brand since 2014, which Marriott took over two years later.

 

It uncovered the breach in September and the Federal Bureau of Investigation is understood to be investigating the matter.

In the past week Marriott has sent out emails to customers who had used its systems alerting them that their data may have been stolen.

 

"For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences," the company said.

 

"For some, the information also includes payment card numbers and payment card expiration dates," it said.

 

The company said that the credit card data was protected by two decryption components, but added: "At this point, Marriott has not been able to rule out the possibility that both were taken."

 

Separately, a new report from computer security company McAfee said their researchers had uncovered a new global effort by hackers to infiltrate the computer systems of nuclear, defense, energy and financial companies.

 

"In October and November 2018, the Rising Sun implant has appeared in 87 organizations across the globe, predominantly in the United States," the company said.

 

It said initial indications were that the hackers were North Korean, but also suggested the possibility that the identifiers in the malware that pointed to Pyongyang may have been a "false flag" to distract researchers from the true source.

 

Source

[Matrix]

China behind Marriott hotel breach, may be preparing for more hacks

 

 

 

In brief: Last month brought news that the Marriott-owned Starwood hotel chain had suffered one of the largest data breaches in history. Now, it’s been reported that the incident was part of a Chinese intelligence operation and follows a rise in cyber activity by the country, which one NSA agent said was preparation for hacks on “critical infrastructure.”

According to the New York Times, the Marriott breach, which saw details of 500 million guests stolen, was the work of hackers suspected to be working on behalf of China’s Ministry of State Security spy agency.

Security firms brought in to investigate the attack discovered computer code and patterns similar to those used in previous operations by Chinese actors.

The Times writes that the Marriott is the top hotel provider for American government and military personnel. The stolen information could be used to discover “which Chinese citizens visited the same city, or hotel, as an American intelligence agent who was identified in data taken from the Office of Personnel Management or from American health insurers that document patients’ medical histories and Social Security numbers.”

The Office of Personnel Management hack, which took place in 2014 and saw 9.7 million background investigation forms compromised, was also blamed on Chinese hackers.

Yesterday, National Security Agency official Rob Joyce told a Wall Street Journal cybersecurity conference that China was “prepositioning” itself for cyberattacks against the U.S. energy, financial, transportation, and healthcare sectors—a change from its usual focus on espionage and IP theft. He added that Chinese cyber activity had been on the rise in recent months.

It’s likely that the trade war between the US and China has played a part in the increased number of Chinese cyberattacks, and the recent arrest of Huawei’s CFO won’t have helped relations—though Donald Trump has said he would intervene in U.S. efforts to extradite Meng Wanzhou if it helped him win a trade deal with China.

Geng Shuang, a Chinese Ministry of Foreign Affairs spokesman, said: “China firmly opposes all forms of cyberattack and cracks down on it in accordance with the law,” he said. “If offered evidence, the relevant Chinese departments will carry out investigations according to the law.”

 

Original Article.

[The AchieVer]

You won't believe who's responsible for the Marriott hotel chain hack                                                         

 

      

Were you affected by the recent Marriott-Starwood hotel chain cyberattack? This massive data breach has compromised the information of around 500 million guests, including personal and credit card details.

The troubling part? Marriott discovered during its investigation that the breach has been going on since 2014. If you made a reservation on one of these hotels, we hope you've taken the necessary steps to protect your accounts. Click here to learn how.

 

 

But who was responsible for the attack? Was it a financially motivated hack? Or is it a part of a plan that is much more sinister? Read on and find out.

Are Chinese spies responsible for the Marriott hack?

The Marriott-Starwood hotel chain cyberattack was a part of a Chinese intelligence-gathering effort, according to a report from The New York Times, citing two people briefed on the investigation.

The sources said that the hackers were working on behalf of China's Ministry of State Security, the country's civilian spy agency and the agency could be involved in other high-profile attacks in the past.

Aside from the Marriott hack, the Chinese spying campaign may also be responsible for similar hacks on American institutions like the massive data breaches of the health insurance company Anthem and the Office of Personnel Management (OPM), also in 2014.

How come? Private investigators looking into the Marriott data breach said that they found hacking tools, techniques and procedures similar to the ones used in these suspected Chinese-led attacks.

The evidence suggests that these campaigns are not financial in nature, rather, they are all part of a Chinese state-led espionage effort to amass information from the United States,

Note: The Anthem hack affected 80 million people or more. The leaked information includes names, dates of birth, member ID and Social Security numbers, addresses, phone numbers, email addresses and employment information.

The OPM attack stole the information of 5.6 million federal employees including biometric data, Social Security numbers, addresses and lists of relatives. 

While these clues point position China as the lead suspect in these hacking incidents, nothing is conclusive yet. The same sources also warned that it is possible that other groups who have access to same hacking tools may be responsible for the Marriott-Starwood hotel chain data breach.

It was also stated that pinpointing the real perpetrators can be tricky since evidence also showed that that multiple hacking groups may have been accessing Starwood's computer networks since 2014.

Click here to read The New York Times report.

US-China trade relations under strain

This new development certainly puts the future of US-China trade relations in an even shakier ground.

Remember, a few weeks earlier, Meng Wanzhou, a top executive of the Chinese tech company Huawei, was arrested in Canada at the behest of U.S. authorities for allegedly violating trade sanctions on Iran.

However, China's Ministry of Foreign Affairs denies any involvement in the Marriott data breach.

“China firmly opposes all forms of cyberattack and cracks down on it in accordance with the law,” the agency's spokesperson Geng Shuang told The New York Times. “If offered evidence, the relevant Chinese departments will carry out investigations according to the law.”

U.S. senators, on the other hand, are calling on Congress to pass data security and privacy laws that will protect sensitive consumer information and make companies follow strong data security standards.

With cyberattacks coming from every direction, politically motivated or otherwise, it's about time such consumer protection safeguards are put in effect, don't you think?

 

 

Source