How China's Elite Hackers Stole the World's Most Valuable Secrets
They've long targeted managed service providers
Imagine you're a burglar. You’ve decided to tackle a high-end luxury apartment, the kind of building with multiple Picassos in the penthouse. You could spend weeks or months casing the place, studying every resident’s schedule, analyzing the locks on all the doors. You could dig through trash for hints about which units have alarms, run through every permutation of what the codes might be. Or you could also just steal the super’s keys.
According to a Justice Department indictment filed on Dec. 20, 2018, that is effectively what China has done to the rest of the world since 2014. That’s when the country’s elite APT10—short for “advanced persistent threat”—hacking group decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead focus on so-called managed service providers. They’re the businesses that provide IT infrastructure like data storage or password management. Compromise MSPs, and you have a much easier path into all these clients. They're the super.
“MSPs are incredibly valuable targets. They are people that you pay to have privileged access to your network,” says Benjamin Read, senior manager for cyberespionage analysis at FireEye. “It’s a potential foothold into hundreds of organizations.”
Please select this link to read the complete article from WIRED.