Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    White House Claims Marriott Hack Was China-Sponsored

    By
    Wayne Rash
    -
    December 13, 2018
    Share
    Facebook
    Twitter
    Linkedin
      China.hackers

      Back in my earliest days as a naval officer, when I was a midshipman, I received a series of briefings on ways that foreign intelligence agents might try to compromise me. Later in conversations with counter-intelligence officers of a three-letter agency, I learned more details on ways that government officials might be compromised—and also ways that business executives and journalists might be coerced into cooperating with foreign intelligence.

      In many cases, the process went like this: The foreign intelligence agency would collect information on the person it wanted to compromise, put that together with other information, and then try to use that as a way to gain the confidence of the target or use the information for blackmail. The challenge has always been to collect enough reliable information to make such a scenario work.

      But if the attack on the Starwood reservations database was indeed done at the hands of the Chinese Ministry of State Security, as the White House claims, and as other experts agree appears to be what happened, then it may be that they’ve hit the mother lode. Now all the Chinese need to do is to start analyzing all of those records to look for occurrences that might point to a weakness.

      Stolen Data Can Show Travel, Hotel, Medical Records

      For example, if their data analysis showed that I’ve traveled to Europe on a regular basis over a number of years, and that another person seems to have traveled to the same locations at the same times, then the intelligence agents could start paying closer attention to what I was doing, along with what the other person was doing.

      They would know this because the Starwood breach yielded passport numbers as well as things like a history of hotel stays. They might also know that I’ve had access to classified information from the Office of Personnel Management database, and they could look at my medical records from the Anthem breach to see my marital status. Now they might have something to work with.

      What happens next depends on what the foreign intelligence service is seeking. If they think that I’m a senior executive with a technology company, they might want a way to gain access to my company’s intellectual property. They might try to strike up a friendship or a more personal relationship, or they might simply try to bribe me. On the other hand, if I were a government employee, they might try to find embarrassing information as a way to blackmail me.

      Because the same group of Chinese hackers, it appears, was behind the Starwood breach that also carried out the OPM breach and the Anthem breach, that means they have access to a vast amount of information that can be used to seed a massive data analysis project. By using all of that information, the Chinese Security Ministry has what it needs to compile profiles of a large number of senior people—some of whom might be targets for compromise.

      Evidence That Starwood Breach Was Nation-Sponsored

      Two things about the Starwood breach tend to support the fact that it was nation-state sponsored. First, the fact that they took passport numbers will provide a look into the travel habits of those people. Perhaps they feel that it might be easier to compromise someone while they’re traveling. Second, this information isn’t showing up for sale on underground markets; if it had been a simple data grab, the hackers would want to monetize their gains.

      What this means to you is to expect an increase in phishing attacks that seem to benefit from surprisingly detailed information. Perhaps it’s a reference to somebody who says they were in Barcelona or San Jose at the same time you were there for a conference. It could be somebody who seems to have other detailed information about your health history or even your job. The goal is to gain your confidence so that you’ll click on one of those infamous links in an email.

      But such advances could also appear as new contacts at conferences or even at the hotel bar while you’re traveling. Perhaps the same interesting person starts appearing from time to time while you’re having your pre-dinner martini in yet another city. A friendly conversation, even if nothing else transpires, can turn into a compromising photograph.

      You’ll notice that I’m not giving you a long list of anti-malware procedures or ideas on how to train your staff to spot CEO fraud. The reason is that in today’s attack environment, the preferred approach is social engineering. What you really need to train your staff for is a seemingly personal approach, followed by an effort to compromise.

      Bad Actor Needs to Gain the Target’s Confidence

      Only after the agency gains your confidence and knows that you’ll open their email will they take the next step. By that point you might not be able to take a step back.

      It’s worth noting that just because you’re not a company with classified government information and you’re not a company with intellectual property that the bad guys might want to steal doesn’t mean you’re not a target. These intelligence agencies love to start with the little guys who have the one thing they want most—access to the next target down the line. They want your relationships with other companies or other people.

      It’s all a long chain that starts with purloined data gathered in a breach from years ago, and chances are you’re not even the end of the chain—just a link between you and the next part. But with forewarning, you can be the link that fails to help them.

      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a freelance writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×