Hackers behind a massive breach at hotel group Marriott International Inc left clues suggesting that they were working for a Chinese government intelligence gathering operation, sources familiar with the matter said.
Marriott last week said that a hack that began four years ago had exposed the records of up to 500 million customers in its Starwood hotels reservation system.
Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources, who were not authorized to discuss the company’s private probe into the attack.
That suggests that Chinese hackers might have been behind a campaign designed to collect information for use in Beijing’s espionage efforts and not for financial gain, two of the sources said.
While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack, because other parties had access to the same hacking tools, some of which have previously been posted online.
Identifying the culprit is further complicated by the fact that investigators suspect multiple hacking groups might have simultaneously been inside Starwood’s computer networks since 2014, said one of the sources.
Speaking in Beijing, Chinese Foreign Ministry spokesman Geng Shuang (耿爽) declined to comment directly on the issue, but said China strongly opposed any form of hacking.
“If the relevant side has any evidence, they can provide it to the Chinese side, and relevant authorities will investigate in accordance with the law,” he told a daily news briefing. “But we resolutely oppose gratuitous accusations when it comes to internet security.”
If investigators confirm that China was behind the attack, that could complicate already tense relations between Washington and Beijing, amid an ongoing tariff dispute, and US accusations of Chinese espionage and the theft of trade secrets.
Marriott spokeswoman Connie Kim declined to comment when asked about involvement of Chinese hackers, saying: “We’ve got nothing to share.”
The hotel operator disclosed the hack on Friday last week, prompting US and UK regulators to quickly launch investigations into the case.
Compromised customer data included names, passport numbers, addresses, phone numbers, birth dates and e-mail addresses.
A small percentage of accounts included scrambled payment card data, Kim said.
Marriott in 2016 acquired Starwood for US$13.6 billion, including the Sheraton, Westin, W Hotels, St Regis, Aloft, Le Meridien, Tribute, Four Points and Luxury Collection hotel brands, forming the world’s largest hotel operator.
The hack began in 2014, shortly after an attack on the US government’s Office of Personnel Management (OPM) compromised sensitive data on tens of millions of employees, including application forms for security clearances.
US National Security advisor John Bolton recently told reporters that he believed Beijing was behind the OPM hack, a claim first made by the US in 2015.
Beijing has strongly denied those charges and also refuted charges that it was behind other hacks.
Former senior FBI official Robert Anderson told reporters that the Marriott case looked similar to hacks that the Chinese government was conducting in 2014 as part of its intelligence operations.
“Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person,” said Anderson, who served as FBI executive assistant director until 2015.
“It fits with how the Chinese intelligence services think about things. It’s all very long-range,” said Anderson, who was not involved in investigating the Marriott case and is now a principal with Chertoff Group.
Michael Sussmann, a former senior official in the US Department of Justice’s computer crimes section, said that the long duration of the campaign was an indicator that the hackers were seeking data for intelligence and not information to use in cybercrime schemes.
“One clue pointing to a government attacker is the amount of time the intruders were working quietly inside the network,” he said. “Patience is a virtue for spies, but not for criminals trying to steal credit card numbers.”
FBI representatives could not immediately be reached for comment on the evidence linking the attack to China.
A spokesperson on Friday said that the agency was looking into the attack, but declined to elaborate.
Stephen Garrett, a 27-year-old graduate student, always thought he would study in China, but first the country’s restrictive COVID-19 policies made it nearly impossible and now he has other concerns. The cost is one deterrent, but Garrett is more worried about restrictions on academic freedom and the personal risk of being stranded in China. He is not alone. Only about 700 American students are studying at Chinese universities, down from a peak of nearly 25,000 a decade ago, while there are nearly 300,000 Chinese students at US schools. Some young Americans are discouraged from investing their time in China by what they see
MAJOR DROP: CEO Tim Cook, who is visiting Hanoi, pledged the firm was committed to Vietnam after its smartphone shipments declined 9.6% annually in the first quarter Apple Inc yesterday said it would increase spending on suppliers in Vietnam, a key production hub, as CEO Tim Cook arrived in the country for a two-day visit. The iPhone maker announced the news in a statement on its Web site, but gave no details of how much it would spend or where the money would go. Cook is expected to meet programmers, content creators and students during his visit, online newspaper VnExpress reported. The visit comes as US President Joe Biden’s administration seeks to ramp up Vietnam’s role in the global tech supply chain to reduce the US’ dependence on China. Images on
New apartments in Taiwan’s major cities are getting smaller, while old apartments are increasingly occupied by older people, many of whom live alone, government data showed. The phenomenon has to do with sharpening unaffordable property prices and an aging population, property brokers said. Apartments with one bedroom that are two years old or older have gained a noticeable presence in the nation’s six special municipalities as well as Hsinchu county and city in the past five years, Evertrust Rehouse Co (永慶房產集團) found, citing data from the government’s real-price transaction platform. In Taipei, apartments with one bedroom accounted for 19 percent of deals last
US CONSCULTANT: The US Department of Commerce’s Ursula Burns is a rarely seen US government consultant to be put forward to sit on the board, nominated as an independent director Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, yesterday nominated 10 candidates for its new board of directors, including Ursula Burns from the US Department of Commerce. It is rare that TSMC has nominated a US government consultant to sit on its board. Burns was nominated as one of seven independent directors. She is vice chair of the department’s Advisory Council on Supply Chain Competitiveness. Burns is to stand for election at TSMC’s annual shareholders’ meeting on June 4 along with the rest of the candidates. TSMC chairman Mark Liu (劉德音) was not on the list after in December last