A large-scale cyber attack from a group targeting organisations in Japan, the US, Sweden and many other European countries through IT services providers has been uncovered, the Swedish computer security watchdog said on Wednesday.
The cyber attack, uncovered through a collaboration by Britain’s National Cyber Security Centre, PwC and cyber security firm BAE Systems, targeted managed service providers to gain access to their customers’ internal networks since at least May 2016 and potentially as early as 2014.
The exact scale of the attack, named Cloud Hopper from an organisation called APT10, is not known but is believed to involve huge amounts of data, Sweden’s Civil Contingencies Agency said in a statement. The agency did not say whether the attacks were still happening. “The high level of digitalisation in Sweden, along with the amount of services outsourced to managed service providers, means that there is great risk that several Swedish organisations are affected by the attacks,” the watchdog said.
The agency said those behind the attacks had used significant resources to identify their targets and sent sophisticated phishing e-mails to infect computers.
It also said Swedish IP addresses had been used to coordinate the incursions and retrieve stolen data and that APT10 specifically targeted IT, communications, healthcare, energy and research sectors.