Investigators believe hackers working on behalf of the Chinese regime’s main intelligence agency are responsible for a massive data breach that exposed the personal information of as many as 500 million customers of the Marriott hotel chain, a U.S. official said Dec 12.
The investigators suspect the hackers were affiliated with the Chinese Ministry of State Security (MSS), an official briefed on the investigation told The Associated Press.
The official, who wasn’t authorized to discuss the matter publicly and spoke to the AP on condition of anonymity, said investigators were particularly concerned about the data breach, in part because Marriott is frequently used by the military and government agencies.
The hacking, which started in 2014, was only detected by Marriott in September and publicly announced in late November. It included the theft of credit card and passport numbers of guests who stayed at hotels previously operated by Starwood. The company, which includes such brands as Sheraton, W Hotels, and St. Regis, was acquired by Marriott in 2016.
Criminal Charges
The revelation comes as federal prosecutors are expected to unveil criminal charges relating to a separate Chinese cyberattack targeting U.S. private companies.The operation, known as “Cloudhopper,” was run by hackers associated with MSS and allowed the Chinese regime to gather large quantities of data on a wide range of U.S. businesses, two officials with knowledge of the investigation told Reuters.
Cloudhopper focused on hacking large, third-party data storage companies, and cloud software service companies that store data for U.S. companies and government agencies.
The Department of Justice declined to comment on the case.
The expected charges come amid a backdrop of a temporary tariff truce to the Sino-U.S. trade war, following a meeting between President Donald Trump and Chinese leader Xi in Argentina on Dec. 1.
Weaponizing Big Data
The Chinese regime, through cyber attacks such as the Marriott hack, aims to build a massive data pool of Americans, which it can later tap into for political and economic espionage purposes, according to Gary Miliefsky, cybersecurity expert and publisher of Cyber Defense Magazine.“I see a very intelligent multi-year pattern of behavior to cross correlate data points to build a profile of every American citizen,” Miliefsky said.
He pointed to previous assaults originating from China, including the 2014 hack of U.S. Office of Personnel Management, in which Chinese actors stole sensitive personal information detailed in the security clearances of millions of current and former federal employees. And in the same year, Chinese hackers allegedly breached Anthem Inc., a health insurance company, to steal the personal records of 80 million people.
Such data can then be connected and used to identify pressure points in target individuals, for example, Americans cutting deals with China, Miliefsky said. These weak points could then leveraged to manipulate or control the target’s behavior to suit the regime’s interests.
“The Chinese government wants to know everything it can about U.S. citizens,” he said, adding that Beijing wants to socially “engineer” other countries.
Growing Chorus of Alarm
In the United States, officials have been steadily raising the alarm over Chinese cyber spying and theft.Officials from the Justice Department, the FBI, and the Department of Homeland Security told the Senate Judiciary Committee on Dec. 12 that China is working to steal trade secrets and intellectual property from U.S. companies in order to harm America’s economy and further its own development.
Chinese espionage efforts have become “the most severe counterintelligence threat facing our country today,” Bill Priestap, the assistant director of the FBI’s counterintelligence division, told the committee. “Every rock we turn over, every time we looked for it, it’s not only there, it’s worse than we anticipated.”
Priestap said federal officials have been trying to convey the extent of the threat to business leaders and others in government. “The bottom line is they will do anything they can to achieve their aims,” he said.
Earlier this week, a senior U.S. intelligence official said Chinese hacking against the U.S. has been on the rise in recent months, targeting critical infrastructure in apparent attempts to lay the groundwork for future disruptive attacks.
In a November speech, Peter Navarro, a top trade adviser to the president, blasted the 2015 pact between former President Barack Obama and Chinese leader Xi Jinping, in which both sides agreed to halt cyberspying and intellectual property theft for commercial gain.
“[W]ell, that lasted about six months, and now, the U.S. government will tell you unequivocally that those hacks are back up, they’re serious, and they’re coming to get us,” Navarro said at the Center for Strategic and International Studies.