The US Navy’s largest shipbuilder, Huntington Ingalls, was compromised by a large-scale hacking campaign executed by several organs of the Chinese government, according to a Reuters report. The company, however, denied the allegations in an email sent to Fifth Domain on June 27, saying there was no breach of information from the shipbuilder. The highly sophisticated campaign labeled “Cloud Hopper” targeted Hewlett Packard Enterprise’s cloud system and used it to wage attacks on its numerous clients.
In early 2017, HPE analysts found evidence that Huntington Ingalls Industries, the largest US military shipbuilder and a significant client, had been compromised by the Chinese hackers. APT10, one of the most feared Chinese hacking groups, controlled a foreign server that connected to systems owned by a Huntington Ingalls subsidiary. In this post, we’ll explain the effects of the Cloud Hopper, how it may affect your organization, and a few tips on what to do to safeguard your company's data.
What Happened?
Although Huntington Ingalls denied the allegations that NNS used the services of DXC, or the companies that merged to form it (HPE and CSE), other reports claim otherwise. During a private briefing with HPE staff, the shipbuilder executives voiced concerns that hackers could have infiltrated data from its biggest project in Newport News, VA. This is where the company builds nuclear-powered submarines, according to a person familiar with the discussions. Such vulnerabilities can expose sensitive security formation to third parties, and that is why the DoD insists on NIST compliance. NIST SP 800–171 is basically a cyber security framework that provides useful best practices in the form of controls. That way, you can strengthen the security posture of your network and systems.
Over the recent years, the US government and Department of Defense have been issuing warnings about the vulnerability of the defense industrial base to foreign espionage. This year, the department wide annual report on Chinese military activities incorporated a new section pointing to how China’s breach of sensitive military data from the defense industrial base could give them a military advantage.
What’s Next After the Cloud Hopper?
So far, there has been some progress in prosecuting one Cloud Hopper member: APT10 (aka. Red Apollo, Stone Panda, or Manupass). The US Justice Department unsealed the arraignment of two Chinese men alleged to be part of APT10. The men identified as Zhu Hua and Zhang Shilong worked for Huaying Haitai Science and Technology Development Company under the direction of the Chinese Ministry of State Security's Tianjin State Security Bureau, according to federal prosecutors.
Although the move is positive, the US and China don't have an extradition treaty, meaning that the two men are unlikely to face trial, unless they travel to a country that has an extradition treaty with the US.
What You Could Do to Protect Against Cloud Hopper
It’s almost flattering that MSPs and IT Providers with highly-skilled cyber security professionals are facing such a magnitude of attacks. This should be a concern to every organization, especially those who have access to Controlled Unclassified Information (CUI). The first step to protecting your company against Cloud Hopper is to fully comply with NIST SP 800-171 regulations. When you implement NIST SP 800-171 controls, you will enhance the overall security posture of your organization.
Moreover, APT10 begins its attacks with phishing emails, just like most ransomware attacks. NIST SP 800-171 compliance focuses on cyber security best practices like filtering emails for your customers and employees, managing administrative privileges, and scanning your MSP administrative end-points.
NIST 800–171 Helps You Identify Vulnerabilities
Cloud Hopper and related attacks are becoming more frequent and pose a substantial threat to not only your bottom line, but also to National Security. It’s critical to identify and mitigate vulnerabilities within your systems and processes. NIST SP 800-171 compliance actually helps you protect valuable assets and sensitive information about PII and propriety. If you need help with the NIST SP 800-171 compliance process, contact us today and speak to one of our cyber security experts.
Need guidance on NIST SP 800-171 compliance anywhere from Washington D.C. to Southern Maryland? We're experts, specializing in NIST 800-171 compliance.
