Following a string of high-profile breaches, cybersecurity has rarely been out of the spotlight. In response, the National Cyber Security Centre, a government body tasked with safeguarding Britain’s digital frontiers, was launched in February this year. And it seems that it’s already had a major success. Having joined forces with several private organisations, the organisation has identified a group of hackers targeting companies on a global scale.
The operation, codenamed Cloud Hopper, was spearheaded by the National Cyber Security Centre, PwC, the professional-service firm, BAE Systems, the security company, and other members of the security community. Together, they aimed to uncover and disrupt the attacks of a group of cybercriminals, which is being referred to as APT10. The group’s activities were first noticed in late 2016 when it seemingly scaled its campaign. However, it’s believed that ATP10 could have been active as early as 2014.
The analysts believe the group originates from China and that it’s targeted IT outsourcing companies by employing spear phishing emails containing custom-made malware. It’s used those companies as a stepping stone to gain access to their clients’ intellectual property and other sensitive data. It’s believed that companies across the world, including the UK, France and the US, have all been targeted for the cross-border campaign.
Commenting on the operation, Richard Horne, cybersecurity partner at PwC, said that ATP10’s global campaign highlights the need for “forging true collaboration between organisations in the public and private sector with the deep technical and innovative skills required to combat this type of threat”. He continued: “Operating alone, none of us would have joined the dots to uncover this new campaign of indirect attacks. Together we’ve been working to brief the global security community, managed service providers and known end victims to help prevent, detect and respond to these attacks.”
Kris McConkey, partner of cyber threat detection and response at PwC, added: “This is a global campaign with the potential to affect a wide range of countries, so organisations around the world should work with their security teams and providers to check networks for the key warning signs of compromise and ensure they respond and protect themselves accordingly.”
Fortunately, it seems as if Britain has already begun ramping up its defences. In November last year, the government launched its cybersecurity strategy for businesses, which included plans for huge investments in startups operating in the sector. And in January 2017 GCHQ, the intelligence agency, was one of the organisations behind a new cybersecurity accelerator. Here’s hoping these efforts will provide enough protection against future threats.