By Jack Stubbs, Joseph Menn and Christopher Bing / Reuters, LONDON

Hacked by suspected Chinese cyberspies five times from 2014 to 2017, security staff at Swedish telecoms equipment giant Ericsson had taken to naming their response efforts after different types of wine.

Pinot Noir began in September 2016. After successfully repelling a wave of attacks a year earlier, Ericsson discovered the intruders were back. This time, the company’s cybersecurity team could see exactly how they got in: through a connection to information technology services supplier Hewlett Packard Enterprise (HPE).

Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, for years plundering reams of corporate and government secrets in what US prosecutors say was an effort to boost Chinese economic interests.

The hacking campaign, known as Cloud Hopper (雲端跳躍), was the subject of a US indictment in December last year that accused two Chinese nationals of identity theft and fraud.

Prosecutors described an elaborate operation that victimized multiple Western companies, but stopped short of naming them.

A Reuters report at the time identified two: Hewlett Packard Enterprise and International Business Machines Corp (IBM).

Yet the campaign ensnared at least six more major technology firms, touching five of the world’s 10 biggest tech service providers.

Reuters found that Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corp and DXC Technology were also compromised by Cloud Hopper.

HPE spun off its services arm in a merger with Computer Sciences Corporation in 2017 to create DXC.

Waves of hacking victims emanate from those six plus HPE and IBM: their clients.

Ericsson, which competes with Chinese firms in the strategically critical mobile telecoms business, is one. Others include travel reservation system Sabre, the US leader in managing plane bookings, and the largest shipbuilder for the US Navy, Huntington Ingalls Industries.

“This was the theft of industrial or commercial secrets for the purpose of advancing an economy,” former Australian national cyber security adviser Alastair MacGibbon said. “The lifeblood of a company.”

Reporters were unable to determine the full extent of the damage done by the campaign, and many victims are unsure of exactly what information was stolen.

Yet the Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats. Chinese hackers, including the group Advanced Persistent Threat 10, known as APT10, were able to continue the attacks in the face of a counter-offensive by top security specialists and despite a 2015 US-China pact to refrain from economic espionage.

The corporate and government response to the attacks was undermined as service providers withheld information from hacked clients out of concern over legal liability and bad publicity, records and interviews show.

That failure, intelligence officials say, calls into question Western institutions’ ability to share information in the way needed to defend against elaborate cyberinvasions.

Even now, many victims might not be aware they were hit.

The campaign also highlights the security vulnerabilities inherent in cloud computing, an increasingly popular practice in which companies contract with outside vendors for remote computer services and data storage.