US Department of Homeland Security building, Washington DC
In December 2019, the U.S. government issued indictments against two Chinese hackers who were allegedly involved in a multi-year effort to penetrate the systems of companies managing data and applications for customers via the computing cloud. The men, who remain at large, are thought to be part of a Chinese hacking collective known as APT10.
A recently published investigation by the Wall Street Journal revealed that the hacking campaign, dubbed “Cloud Hopper” by security researchers, impacted a wider set of cloud companies than was previously thought. The hackers used their access to these firms to target some of their customers in what has became one of the biggest corporate espionage efforts in history.
The latest news is unlikely to deter businesses from entrusting more of their data and applications to the computing cloud as they seek to drive down costs and boost efficiency. But the affair holds some important security lessons for CIOs and other senior tech executives overseeing cloud projects:
Nation-state hackers are now the biggest threat to cloud security
CIOs have long counted on the fact…
