Published: Thu, December 13, 2018
Worldwide | By Myra Stephens

Mike Pompeo confirms China was behind massive Marriott hack

Mike Pompeo confirms China was behind massive Marriott hack

Who hacked Marriott's Starwood hotels?

The New York Times first reported that investigators believe the attackers likely were from a Chinese state intelligence service.

Priestap said federal officials have been trying to convey the extent of the threat to business leaders and others in government. Private investigators looking into the breach have found hacking tools, techniques, and procedures previously used in attacks attributed to Chinese hackers, said three sources who were not authorized to discuss the company's probe.

According to the paper, "preliminary indications show the breach was executed by hackers affiliated with the Chinese Ministry of State Security, said the people, who spoke on the condition of anonymity to reveal information not yet ready for public release".

On Wednesday, it also slapped a $2.8 million penalty on a Chinese energy company, Yantai Jereh Oilfield Services Group, for violating U.S. sanctions by shipping US-made equipment to Iran.

News of the breach prompted several US government officials to announce investigations, including New York Attorney General Barbara Underwood, Maryland Attorney General Brian Frosh and Pennsylvania Attorney General Josh Shapiro.

If investigators' hunches are accurate, China would be to blame for three of the biggest intrusions that occurred since 2014: the US government's Office of Personnel Management, the health insurer Anthem and now Marriott's Starwood.

Cyber-security expert Jesse Varsalone, of University of Maryland University College, said the Marriott hack does have signs of a foreign intelligence agency involvement.

Marriott is offering help to customers impacted by massive data breach; question and answer website Quora says data of 100 million users was stolen.

Marriott has warned that that it can't confirm if the hackers were able to decrypt the credit card numbers. For the remaining accounts, less sensitive data, such as postal address, email address or other information, was leaked.

The intrusion into Marriott International's Starwood hotel reservation system shared similarities to previous Chinese-government linked intelligence gathering operations. The information of about 500 million customers worldwide was exposed.

In August 2017, USA authorities arrested a Chinese man for allegedly distributing a type of malware that was used in both the Anthem and OPM attacks (see: Chinese Man Allegedly Tied to OPM Breach Malware Arrested). And that the "discovery comes as the Trump administration is planning actions targeting China's trade, cyber and economic policies, perhaps within days".

Also, the Wall Street Journal reported on December 6 that the Department of Justice is close to unsealing charges against members of the Chinese military for the so-called Cloudhopper attacks, which compromised managed service providers and managed security service providers.

Like this: