UK and Swedish watchdogs have warned of an international cyberattack.
According to the watchdog agencies, the targets of the cyber attack are large organizations in various countries and the amount of data stolen is supposedly massive.
According to the Swedish agency (MSB), the targets of the attack are different IT service providers in the United States, Japan, Sweden and other European countries.
It took a multi-agency collaboration of Britain’s National Security Center, cybersecurity firm BAE Systems, and PwC to uncover the massive attack.
According to the released report, the group devised genius ways to access their targets.
They hacked into the managed service providers’ systems to access their customers’ internal networks.
This is what made it nearly impossible for the organizations to detect this large-scale cyber attack on their systems and clients.
What is worrying is the amount of planning that went into the attack and the amount of time that had been spent on laying the foundation to siphon data.
The cyber attack, dubbed Cloud Hopper, is said to have been initiated by an organization called APT10, and seems to have been planned very well.
Though the attack seems to have been initiated in May 2016, there is a distinct possibility that it was already in place as early as 2014.
In this period, the group has been accessing large amounts of data from the targeted organizations according Sweden’s Civil Contingencies Agency (MSB).
The amount of data stolen is not clear, but it is believed to be massive.
MSB believes that Sweden could be the hardest hit among the targeted countries in Europe.
This is ironically due in part to its impressive development in cyber infrastructure and its over-reliance on digital platforms in most of the government organizations.
The country has most of its operations digitized, and this is what ultimately exposed it to a greater risk.
Most of the organizations in Sweden have the majority of their operations digitized, and a lot of services are outsourced to the managed service providers in question.
This has made it easy for APT10’s strategy to be relatively successful in Sweden in comparison to other countries.
Use of phishing e-mails was one if the main strategies that APT10 used to gain access.
According to the agency, the group sent phishing e-mails that infected the computers.
This made it very easy for the hackers to penetrate the system of the managed service providers to gain easy access to their customers.
It is also believed that the group used Swedish IP addresses to coordinate and execute the incursions and retrieve the stolen data.
The main victims of this massive attack were communication, IT, energy, and research sectors.
Though the cyber attack has been uncovered, it is not known whether it is still ongoing.
The group is believed to be well equipped with both technological and human resources.
It is not known how much they are entrenched into the organizations’ internal system and how much data has been stolen at the moment.
The fact that they attacked different organization has made it difficult for the agencies to identify the motive for the cyber attack, though updates are likely to come forward later this year.