Hackers behind a massive breach at hotel group Marriott International Inc left clues suggesting that they were working for a Chinese government intelligence gathering operation, sources familiar with the matter said.
Marriott last week said that a hack that began four years ago had exposed the records of up to 500 million customers in its Starwood hotels reservation system.
Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources, who were not authorized to discuss the company’s private probe into the attack.
That suggests that Chinese hackers might have been behind a campaign designed to collect information for use in Beijing’s espionage efforts and not for financial gain, two of the sources said.
While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack, because other parties had access to the same hacking tools, some of which have previously been posted online.
Identifying the culprit is further complicated by the fact that investigators suspect multiple hacking groups might have simultaneously been inside Starwood’s computer networks since 2014, said one of the sources.
Speaking in Beijing, Chinese Foreign Ministry spokesman Geng Shuang (耿爽) declined to comment directly on the issue, but said China strongly opposed any form of hacking.
“If the relevant side has any evidence, they can provide it to the Chinese side, and relevant authorities will investigate in accordance with the law,” he told a daily news briefing. “But we resolutely oppose gratuitous accusations when it comes to internet security.”
If investigators confirm that China was behind the attack, that could complicate already tense relations between Washington and Beijing, amid an ongoing tariff dispute, and US accusations of Chinese espionage and the theft of trade secrets.
Marriott spokeswoman Connie Kim declined to comment when asked about involvement of Chinese hackers, saying: “We’ve got nothing to share.”
The hotel operator disclosed the hack on Friday last week, prompting US and UK regulators to quickly launch investigations into the case.
Compromised customer data included names, passport numbers, addresses, phone numbers, birth dates and e-mail addresses.
A small percentage of accounts included scrambled payment card data, Kim said.
Marriott in 2016 acquired Starwood for US$13.6 billion, including the Sheraton, Westin, W Hotels, St Regis, Aloft, Le Meridien, Tribute, Four Points and Luxury Collection hotel brands, forming the world’s largest hotel operator.
The hack began in 2014, shortly after an attack on the US government’s Office of Personnel Management (OPM) compromised sensitive data on tens of millions of employees, including application forms for security clearances.
US National Security advisor John Bolton recently told reporters that he believed Beijing was behind the OPM hack, a claim first made by the US in 2015.
Beijing has strongly denied those charges and also refuted charges that it was behind other hacks.
Former senior FBI official Robert Anderson told reporters that the Marriott case looked similar to hacks that the Chinese government was conducting in 2014 as part of its intelligence operations.
“Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person,” said Anderson, who served as FBI executive assistant director until 2015.
“It fits with how the Chinese intelligence services think about things. It’s all very long-range,” said Anderson, who was not involved in investigating the Marriott case and is now a principal with Chertoff Group.
Michael Sussmann, a former senior official in the US Department of Justice’s computer crimes section, said that the long duration of the campaign was an indicator that the hackers were seeking data for intelligence and not information to use in cybercrime schemes.
“One clue pointing to a government attacker is the amount of time the intruders were working quietly inside the network,” he said. “Patience is a virtue for spies, but not for criminals trying to steal credit card numbers.”
FBI representatives could not immediately be reached for comment on the evidence linking the attack to China.
A spokesperson on Friday said that the agency was looking into the attack, but declined to elaborate.
WASHINGTON’S INCENTIVES: The CHIPS Act set aside US$39 billion in direct grants to persuade the world’s top semiconductor companies to make chips on US soil The US plans to award more than US$6 billion to Samsung Electronics Co, helping the chipmaker expand beyond a project in Texas it has already announced, people familiar with the matter said. The money from the 2022 CHIPS and Science Act would be one of several major awards that the US Department of Commerce is expected to announce in the coming weeks, including a grant of more than US$5 billion to Samsung’s rival, Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), people familiar with the plans said. The people spoke on condition of anonymity in advance of the official announcements. The federal funding for
HIGH DEMAND: The firm has strong capabilities of providing key components including liquid cooling technology needed for AI servers, chairman Young Liu said Hon Hai Precision Industry Co (鴻海精密) yesterday revised its revenue outlook for this year to “significant” growth from a “neutral” view forecast five months ago, due to strong demand for artificial intelligence (AI) servers from cloud service providers. Hon Hai, a major assembler of iPhones that is also known as Foxconn, expects AI server revenues to soar more than 40 percent annually this year, chairman Young Liu (劉揚偉) told investors. The robust growth would uplift revenue contribution from AI servers to 40 percent of the company’s overall server revenue this year, from 30 percent last year, Liu said. In the three-year period
LONG HAUL: Largan Energy Materials’ TNO-based lithium-ion batteries are expected to charge in five minutes and last about 20 years, far surpassing conventional technology Largan Precision Co (大立光) has formed a joint venture with the Industrial Technology Research Institute (ITRI, 工研院) to produce fast-charging, long-life lithium-ion batteries for electric vehicles, mobile electronics and electric storage units, the camera lens supplier for Apple Inc’s iPhones said yesterday. Largan Energy Materials Co (萬溢能源材料), established in January, is developing high-energy, fast-charging, long-life lithium-ion batteries using titanium niobium oxide (TNO) anodes, it said. TNO-based batteries can be fully charged in five minutes and have a lifespan of 20 years, a major advantage over the two to four hours of charging time needed for conventional graphite-anode-based batteries, Largan said in a
Taiwan is one of the first countries to benefit from the artificial intelligence (AI) boom, but because that is largely down to a single company it also represents a risk, former Google Taiwan managing director Chien Lee-feng (簡立峰) said at an AI forum in Taipei yesterday. Speaking at the forum on how generative AI can generate possibilities for all walks of life, Chien said Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) — currently among the world’s 10 most-valuable companies due to continued optimism about AI — ensures Taiwan is one of the economies to benefit most from AI. “This is because AI is