APT10 - Operation Cloud Hopper | BAE Systems | Cyber Security & Intelligence

This website uses cookies. By navigating around this site you consent to cookies being stored on your machine


APT10 - Operation Cloud Hopper

Operation Cloud HopperBackground

For many businesses the network now extends to suppliers who provide management of applications, cloud storage, helpdesk, and other functions. With the right integration and service levels, Managed Service Providers (MSPs) can become a key enabler for businesses by allowing them to focus on their core mission while suppliers take care of background tasks.
However, the network connectivity which exists between MSPs and their customers also provides a vector for attackers to jump though. Successful global MSPs are even more attractive as they become a hub from which an intruder may access multiple end-victim networks.
Since late 2016 we have been investigating a campaign of intrusions against several major MSPs. These attacks can be attributed to the actor known as APT10 (a.k.a. CVNX, Stone Panda, MenuPass, and POTASSIUM)...
BAE Systems, Threat Research Team April 4 2017