Operation “Cloud Hopper” Complicates Trade Deal with China

A total of eight major technology service providers have now been identified as victims of a Chinese hacking campaign known as “Cloud Hopper.” The operation involved highly trained hackers, including members of the Chinese group known as APT10. This past December, the U.S. Department of Justice released an indictment against two alleged APT10 members who, according to federal prosecutors, committed cyber espionage in association with the Chinese Ministry of State Security.

The objective of cyber espionage attacks is to obtain intellectual property, corporate, and government information for economic gain. The Cloud Hopper attacks are in clear violation of a The Chinese government has denied accusations of state-sponsored cyber-attacks, despite claims by federal prosecutors.

The hackers used spear-phishing emails to install malware into systems of Management Service Providers (MSPs). Once they had access to the MSP, they stole employee credentials which allowed them to avoid detection and gain access to its clients’ shared systems.

Victims of the attacks include the clients of each compromised provider, and many victims are unsure of how much information was stolen. Several industries were targeted including engineering, industrial manufacturing, retail, energy, pharmaceuticals, telecommunications, and government agencies.

One concerning breach happened to Huntington Ingalls Industries, the largest military ship manufacturer in the U.S. APT10 hackers gained access to its network via service provider Hewlett Packard Enterprise (HPE), and company executives are concerned that the Chinese cyber spies may have stolen data related to Huntington Ingalls’s manufacturing of nuclear-powered submarines. It has not been confirmed whether any information was stolen.

HPE had hundreds of clients affected by the cyber-attack, including Sabre Corporation, a major travel technology company. A Sabre representative claimed that no traveler information was compromised but did not comment on non-traveler information. Had the hackers achieved full access to Sabre’s network, they would have had the ability to track the travels of U.S. government officials and corporate executives.

China’s use of cyberwarfare for economic benefit is one example of Beijing’s malicious trade practices. Amid the U.S.-China trade war, China’s engagement in cyber warfare has escalated tensions and raised the stakes for a trade deal. Given that the Cloud Hopper attacks are a violation of an existing 2015 U.S.-China agreement, it casts doubt on whether Beijing will adhere to future agreements. The implementation of intellectual property protection laws is at the forefront of discussions, but China has yet to agree to it.

The Trump administration recognizes the threat of China’s intellectual property theft and cyber espionage. Attempts to come to an agreement have been made through the imposition of tariffs, but Beijing has not budged, claiming that Chinese laws are difficult to amend or create.  Regardless, President Trump is seeking a trade deal with China that will mandate the cessation of cyber espionage through Chinese law.

“An effective enforcement mechanism will define the deal,” says Tim Stratford, chairman of the American Chamber of Commerce in China. In April, President Trump and President Xi Jinping agreed to establish enforcement offices to ensure that both sides are compliant, though after talks fell apart in May, it is unclear where the issue stands.

This past weekend, President Trump and President Xi Jinping agreed to resume trade talks at the G20 summit in Osaka. Although the summit did not lead to any major breakthroughs, both parties are again willing to negotiate.