US believes Chinese intelligence was behind massive Marriott hack, as Mike Pompeo decries Beijing’s ‘cyberattacks across the world’
- The Marriott hackers are believed by the US to have been working for China’s Ministry of State Security
- Detailed data on some 500 million customers of the world’s largest hotel company was stolen
The United States said Wednesday that China was behind the massive hack of data from hotel giant Marriott, part of an ongoing global campaign of cyber-theft run by Beijing.
Secretary of State Mike Pompeo confirmed to Fox News’ Fox & Friends programme that the government believes Chinese authorities masterminded the Marriott data theft.
“They have committed cyberattacks across the world,” he told the show.
“We consider them a strategic competitor. They are taking actions in the South China Sea. They’re conducting espionage and influence operations here in the United States,” he said.
The Marriott hacking allegation came amid heightened tensions between Beijing and Washington that encompasses geopolitics, trade, technology rivalry and espionage.
On December 1, Canada arrested Sabrina Meng Wanzhou, CFO of Huawei, China’s leading telecommunications company, at the request of the United States, which plans to charge her with fraud charges related to sanctions-breaking business dealings with Iran.
China may have responded in kind – it detained a former Canadian diplomat, Michael Kovrig, who is now a China expert at the International Crisis Group security consultancy.
In addition, Washington is expected this week to unveil new charges against Chinese military and intelligence hackers as it seeks to counter what is seen as a broad-based, sustained cyber threat against US government and corporate targets from Beijing.
The Marriott hackers, who stole detailed data on some 500 million customers of the world’s largest hotel company, are believed to have been working for China’s Ministry of State Security.
Washington sees them as part of an espionage effort that has targeted health insurers and the US civil service employment database.
Marriott revealed on November 30 that cyber-thieves had been in the systems of its Starwood brand since 2014, which Marriott took over two years later.
It uncovered the breach in September and the Federal Bureau of Investigation is understood to be investigating the matter.
In the past week Marriott has sent out emails to customers who had used its systems alerting them that their data may have been stolen.
“For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences,” the company said.
“For some, the information also includes payment card numbers and payment card expiration dates,” it said.
The company said that the credit card data was protected by two decryption components, but added: “At this point, Marriott has not been able to rule out the possibility that both were taken.”
Separately, a new report from computer security company McAfee said their researchers had uncovered a new global effort by hackers to infiltrate the computer systems of nuclear, defence, energy and financial companies.
“In October and November 2018, the Rising Sun implant has appeared in 87 organisations across the globe, predominantly in the United States,” the company said.
It said initial indications were that the hackers were North Korean, but also suggested the possibility that the identifiers in the malware that pointed to Pyongyang may have been a “false flag” to distract researchers from the true source.