The Chinese hacking group nicknamed “Red Apollo” last year launched one of the largest ever sustained global cyber espionage campaigns. Rather than attacking companies directly, it targeted cloud service providers, attempting to use their networks to spread spying tools to a wide number of companies.
It was the latest warning sign of the risks posed by so-called supply chain attacks, according to PwC, the professional services company, which tracked the campaign.
Known as Operation Cloud Hopper, the attack targeted a small number of managed IT service providers, giving it the potential to spread malware to all the clients using these outsourcing companies to run their computer networks. Companies in 15 countries, including the UK, France, Switzerland, US, Canada, Australia and Japan were targeted.