Thursday, 27 June 2019

Huawei says it doesn't cooperate with Chinese military — after report says its employees did - CNBC

Huawei does not have any company-sanctioned projects cooperating with China's military and does not customize products for use by the country's armed forces, the tech giant's legal chief told CNBC on Thursday.

That comes after Bloomberg reported earlier in the day that, based on public documents, Huawei's workers had cooperated with various parts of China's People's Liberation Army (PLA) on research including on artificial intelligence and radio communications.

But the company exec denied there'd been any official work with the PLA.

"As far as I know, we don't have military cooperation projects because we are a company dedicated to provide communications systems and (information and communications technology) solutions for civil use," Song Liuping, chief legal officer at Huawei, told CNBC in a Thursday interview conducted in Mandarin and translated by a company-provided translator.

"My understanding is we don't have any projects that relate to the military cooperation category. Neither do we customize products or solutions for the military," he added.

Bloomberg's report outlined at least 10 initiatives in the last decade on which Huawei employees allegedly worked with Chinese military units. Those included one to extract and classify emotions in online video comments, according to the report. The information was gathered by looking at publicly available research papers whose authors were identified as Huawei employees, the report said.

A spokesperson for Huawei told CNBC the company is "not aware of its employees publishing research papers in their individual capacity."

Huawei's founder Ren Zhengfei was a former officer in the PLA. Huawei's critics have pointed to that fact to suggest the company has a close relationship with China's military and government. The U.S. government is worried that Huawei's equipment could present a risk of China accessing user data. Washington has also suggested there's hazard associated with laws in China that apparently compel Chinese companies to help Beijing in any national intelligence work if asked.

Ren told CNBC earlier this year that the company would resist any request from Beijing for user data.

"Even if we were ordered to, Huawei would still not install backdoors. If a single backdoor was found in even one of the countries where we operate, our sales would shrink in all of them," Ren said.


https://www.cnbc.com/2019/06/27/huawei-denies-collaboration-with-chinese-military.html

2019-06-27 04:07:49Z

Wednesday, 26 June 2019

Trump rips Fed Chair Powell: We should have ECB's Draghi instead - Fox Business

President Trump on Wednesday said the U.S. would be better off if European Central Bank President Mario Draghi led the Federal Reserve, instead of its current chairman, Jerome Powell.

“European nations were set up in order to take advantage of the United States. It was set up for trade in order to take advantage, and they have. You know, they very smartly have.  And they have Draghi who is – we should have Draghi instead of our Fed person,” Trump said in response to whether he is working on a deal with Europe, during an exclusive interview with FOX Business’ Maria Bartiromo.

Trump praised Europe’s efforts to stimulate the economy by lowering interest rates and purchasing financial assets.

“What Europe did with Draghi is they’re forcing money in, we’re doing the opposite. We’re taking money out and we’re raising interest rates – it’s insane,” he said.

“[Powell] should have never raised the rates to the extent that he did," Trump added. "If he would have raised them half – just half – and if he would have not done the quantitative tightening, our market would have been up another 10,000 points. And I’ll tell you, GDP would have been up another point or two points. We could have hit – we potentially could have hit 5 [percent]."

Powell warned in a speech on Tuesday that “short-term political pressure” can damage the central bank’s independence.

“Congress chose to insulate the Fed this way because it had seen the damage that often arises when policy bends to short-term political interests,” Powell said during a speech at the Council on Foreign Relations. “Central banks in major democracies around the world have similar independence.”

Trump in a Tweet on Monday echoed his frustration with the Fed and Powell, whom he has reportedly considered firing. However, Trump said on Wednesday, “I never suggested I was going to do that. I do have the right to do it.”

Trump’s comments also come on the heels of accusing Draghi of currency manipulation.

“Mario Draghi just announced more stimulus could come, which immediately dropped the Euro against the Dollar, making it unfairly easier for them to compete against the USA,” Trump wrote in a tweet. “They have been getting away with this for years, along with China and others.”

FOX Business’ Megan Henney contributed to this article.


https://www.foxbusiness.com/politics/trump-rips-fed-chair-powell-we-should-have-ecbs-draghi-instead

2019-06-26 15:41:20Z

FedEx CEO says trade war surprised him like a 'Mike Tyson' punch in the face - Yahoo Finance

FedEx’s (FDX) top executive assailed current U.S. trade policy as more protectionist measures threaten to upend the courier company’s business plans and take a bite out of its bottom line.

“It reminds me a bit about that old adage of Mike Tyson that everybody has got a plan until they get hit in the mouth,” FedEx CEO Fred Smith said. “So clearly, we’ve been very disappointed over the last few years with the assumptions that we made on the growth in international trade, particularly with the Trump administration.”

Smith made his remarks during a call with investors Tuesday in response to Barclays analyst Brandon Oglenski’s inquiry into FedEx’s growth strategy, especially relating to the company’s Express international air shipping business.

FedEx Express’ operating income came under pressure in the fourth quarter, and the company declined to project fiscal 2020 earnings results for the segment. FedEx said trade disputes and low global growth rates created “significant uncertainty” for the business unit.

“The United States policy since 1934 with Roosevelt and Secretary of State Cordell Hull was to expand international trade,” Smith said. “And now we have a huge dispute where the United States is basically become protectionist defined as, ‘I’ll make everything I need in my own borders. I don't need to import things and quite frankly don't particularly need to export them.’”

Smith also acknowledged what he considered to be flaws with other countries’ trade policies as well, which have further confounded global trade flows.

“We don’t agree with the Chinese position on trade either – and have been very vocal about that – which is mercantilist,” he added.

In its fourth-quarter earnings release Tuesday, FedEx reported that its results for the current fiscal year would be negatively impacted by “weakness in global trade and industrial production.” The company guided toward a mid-single-digit percentage point decline in fiscal 2020 diluted earnings per share, after adjusting for certain retirement plans and integration expenses related to its acquisition of TNT Express.

For the fiscal fourth quarter, FedEx reported better-than-expected results on the top and bottom lines, delivering adjusted earnings per share of $5.01 on revenue of $17.8 billion.

‘Virtually impossible task’

FedEx has also taken issue with other dealings in U.S. trade policy.

The Memphis, Tennessee-based company earlier this week filed a lawsuit against the U.S. Commerce Department requesting that the government “be permanently enjoined from enforcing the export administration regulations against FedEx in circumstances when the company has no knowledge that the contents of the shipment are subject to the [Export Administration Regulations],” FedEx’s general counsel said.

In a court filing, FedEx said that the export restriction rules “essentially deputize FedEx to police the contents of the millions of packages it ships daily even though doing so is a virtually impossible task, logistically, economically, and in many cases, legally.” FedEx argues that it should not be liable in the event that it accidentally ships products violating the Trump administration’s restrictions.

The lawsuit, which does not specifically name Chinese telecommunications company Huawei in its court filing, took place after the U.S. government in May added Huawei to a list of entities barred from receiving U.S. technology without a license from the Commerce Department. Shortly thereafter, Huawei complained that FedEx had delivered several of its packages to incorrect addresses, sparking an investigation into FedEx by China.

On Tuesday, FedEx CEO Smith disputed claims that the incidences with Huawei were the primary motivation for the decision to file the lawsuit.

“The Huawei packages were only peripherally involved in this lawsuit that we filed,” he said. “And in fact, it goes back many, many years, which is in the lawsuit itself and it concerns not contraband, which many people have confused the lawsuit as concerning. It concerns import and export controls as administered by the Department of Commerce.”

Commerce Secretary Wilbur Ross disagreed with FedEx’s position in an interview with Fox News Tuesday, saying, “The regulation states that common carriers cannot knowingly ship items in contravention of the entity list or other export control authorities. It does not require a common carrier to be a policeman or to know what’s in every package.”

Smith noted that five new companies were added to the Commerce Department’s Entity List of companies last Friday “with extraordinarily opaque requirements” around export regulation. Smith said fines for violations currently total $250,000 per package.

Emily McCormick is a reporter for Yahoo Finance. Follow her on Twitter: @emily_mcck


https://finance.yahoo.com/news/fed-ex-ceo-trade-war-like-mike-tyson-punch-in-face-134512570.html

2019-06-26 13:45:00Z

US Huawei supplier resumes some shipments - BBC News

US chipmaker Micron has restarted some shipments to Huawei despite a ban on selling products to the Chinese firm.

The US banned companies from selling components and technology to Huawei and 68 affiliates on 15 May.

But boss Sanjay Mehrotra said Micron had found it could lawfully "resume shipping a subset of current products".

Intel and other market leaders have also reportedly restarted selling some products to the world's biggest telecoms equipment manufacturer.

Micron, Intel and other industry leaders had managed to partly circumvent the ban by avoiding labelling goods as American-made, the New York Times reported on Tuesday.

The sanctions apply to goods that contain 25% or more components or materials that come from the US.

But goods made outside the US by American companies may not be considered US-made, according to the New York Times.

Despite resuming shipments, however, Mr Mehrotra sounded a note of caution on a conference call with investors on Tuesday.

"There is considerable ongoing uncertainty surrounding the Huawei situation and we are unable to predict the volumes or time periods over which we will be able to ship products to Huawei," he said.

The Semiconductor Industry Association, which is backed by Intel and Micron, said some chips did not fall under the US government sales ban.

"As we have discussed with the US government, it is now clear some items may be supplied to Huawei consistent with the entity list and applicable regulations," the association said.

Counting the cost

While the ban is expected to cost Huawei $30bn (£24bn) in revenue this year, the company is still able to sell phones with stockpiled components - which some analysts say can last for another year.

Huawei said it had shipped 100 million smartphones this year, as of 30 May.

Mr Mehrotra said Huawei was Micron's number one customer and the ban had cost the company as much as $200m in missed sales during the third quarter.

The US government move to block Huawei comes after years of claims its products represent a security threat to the US.

However, Huawei has repeatedly denied those claims, asserting it is independent of the Chinese government.

It has also said the US ban could harm more than 1,200 American companies.

The clampdown is part of a wider conflict between the US and China.

The countries remain locked in a trade war, with tariffs imposed on billions of dollars worth of products on both sides.


https://www.bbc.com/news/technology-48771368

2019-06-26 11:14:58Z

Micron surge; Central banker buzz; Crude data - CNN

Micron, which is based in Idaho, said it conducted a legal review of its relationship with Huawei after a US export ban targeting the company was announced last month.
The chipmaker has determined that it can "lawfully resume shipping a subset of current products" that were not subject to American restrictions.
Even so, CEO Sanjay Mehrotra warned of "ongoing uncertainty" that could affect the business relationship, underlining the questions that currently face US tech companies that rely on the Chinese market.
"We cannot predict whether additional government actions may further impact our ability to ship to Huawei," he said.
Micron's earnings report showed that its quarterly revenue fell to $4.8 billion from $7.8 billion, but that still topped analysts' expectations.
2. Central bank buzz: Central bankers are in the spotlight after a speech from Federal Reserve Chair Jerome Powell undermined market confidence that an interest rate cut in July is all but certain.
Powell stressed Tuesday that policymakers would carefully monitor economic developments but warned they "should not overreact" to a single event in deciding whether or not to cut rates.
The nation's central bankers are "grappling" with whether rising trade tensions, softness in the global economy and signs of muted inflation will continue to weigh on the American economy, Powell said.
His remarks spooked investors, sending the Dow and S&P 500 to their worst one-day percentage drop since May 31.
Attention now shifts to Bank of England Governor Mark Carney, who testifies Wednesday before Parliament. The United Kingdom still has big questions to answer about its plans for Brexit.
3. Markets mixed: US stock futures point slightly higher after Tuesday's drop-off.
The Dow is set to open flat, while the Nasdaq and S&P 500 are tracking up 0.1%.
European markets were mixed in early trading. Britain's FTSE 100 fell 0.1%, while Germany's DAX posted a small gain.
Stocks in Asia, meanwhile, mimicked US declines. Hong Kong's Hang Seng dropped 1.2%. Japan's Nikkei shed 0.4%.
On the radar are US durable goods orders for May and the latest on US oil inventories. US crude futures are up 1.9% after American Petroleum Institute data indicated a surprisingly large decline in supply.
4. Coming this week:
Wednesday — US crude oil inventories and May durable goods orders; General Mills (GIS) earnings
Thursday — Nike and Walgreens (WBA) earnings; US GDP third estimate
Friday — US personal income and spending data; Constellation Brands earnings


https://www.cnn.com/2019/06/26/investing/premarket-stocks-trading/index.html

2019-06-26 11:06:00Z

Special Report: Inside the West’s failed fight against China’s ‘Cloud Hopper’ hackers - Reuters

LONDON (Reuters) - Hacked by suspected Chinese cyber spies five times from 2014 to 2017, security staff at Swedish telecoms equipment giant Ericsson had taken to naming their response efforts after different types of wine.

Pinot Noir began in September 2016. After successfully repelling a wave of attacks a year earlier, Ericsson discovered the intruders were back. And this time, the company’s cybersecurity team could see exactly how they got in: through a connection to information-technology services supplier Hewlett Packard Enterprise.

Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launch pad to attack customers, plundering reams of corporate and government secrets for years in what U.S. prosecutors say was an effort to boost Chinese economic interests.

The hacking campaign, known as “Cloud Hopper,” was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple Western companies but stopped short of naming them. A Reuters report at the time identified two: Hewlett Packard Enterprise and IBM.

Yet the campaign ensnared at least six more major technology firms, touching five of the world’s 10 biggest tech service providers.

Also compromised by Cloud Hopper, Reuters has found: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology. HPE spun off its services arm in a merger with Computer Sciences Corporation in 2017 to create DXC.

Waves of hacking victims emanate from those six plus HPE and IBM: their clients. Ericsson, which competes with Chinese firms in the strategically critical mobile telecoms business, is one. Others include travel reservation system Sabre, the American leader in managing plane bookings, and the largest shipbuilder for the U.S. Navy, Huntington Ingalls Industries, which builds America’s nuclear submarines at a Virginia shipyard.

“This was the theft of industrial or commercial secrets for the purpose of advancing an economy,” said former Australian National Cyber Security Adviser Alastair MacGibbon. “The lifeblood of a company.”

Reuters was unable to determine the full extent of the damage done by the campaign, and many victims are unsure of exactly what information was stolen.

Yet the Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats. Chinese hackers, including a group known as APT10, were able to continue the attacks in the face of a counter-offensive by top security specialists and despite a 2015 U.S.-China pact to refrain from economic espionage.

The corporate and government response to the attacks was undermined as service providers withheld information from hacked clients, out of concern over legal liability and bad publicity, records and interviews show. That failure, intelligence officials say, calls into question Western institutions’ ability to share information in the way needed to defend against elaborate cyber invasions. Even now, many victims may not be aware they were hit.

The campaign also highlights the security vulnerabilities inherent in cloud computing, an increasingly popular practice in which companies contract with outside vendors for remote computer services and data storage.

“For those that thought the cloud was a panacea, I would say you haven’t been paying attention,” said Mike Rogers, former director of the U.S. National Security Agency.

Reuters interviewed 30 people involved in the Cloud Hopper investigations, including Western government officials, current and former company executives and private security researchers. Reporters also reviewed hundreds of pages of internal company documents, court filings and corporate intelligence briefings.

HPE “worked diligently for our customers to mitigate this attack and protect their information,” said spokesman Adam Bauer. “We remain vigilant in our efforts to protect against the evolving threats of cyber-crimes committed by state actors.”

A spokesman for DXC, the services arm spun off by HPE in 2017, said the company put “robust security measures in place” to protect itself and customers. “Since the inception of DXC Technology, neither the company nor any DXC customer whose environment is under our control have experienced a material impact caused by APT10 or any other threat actor,” the spokesman said.

NTT Data, Dimension Data, Tata Consultancy Services, Fujitsu and IBM declined to comment. IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.

The Chinese government has denied all accusations of involvement in hacking. The Chinese Foreign Ministry said Beijing opposed cyber-enabled industrial espionage. “The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets,” it said in a statement to Reuters.

BREAK-INS AND EVICTIONS

For security staff at Hewlett Packard Enterprise, the Ericsson situation was just one dark cloud in a gathering storm, according to internal documents and 10 people with knowledge of the matter.

For years, the company’s predecessor, technology giant Hewlett Packard, didn’t even know it had been hacked. It first found malicious code stored on a company server in 2012. The company called in outside experts, who found infections dating to at least January 2010.

Hewlett Packard security staff fought back, tracking the intruders, shoring up defenses and executing a carefully planned expulsion to simultaneously knock out all of the hackers’ known footholds. But the attackers returned, beginning a cycle that continued for at least five years.

The intruders stayed a step ahead. They would grab reams of data before planned eviction efforts by HP engineers. Repeatedly, they took whole directories of credentials, a brazen act netting them the ability to impersonate hundreds of employees.

The hackers knew exactly where to retrieve the most sensitive data and littered their code with expletives and taunts. One hacking tool contained the message “FUCK ANY AV” – referencing their victims’ reliance on anti-virus software. The name of a malicious domain used in the wider campaign appeared to mock U.S. intelligence: “nsa.mefound.com”

Then things got worse, documents show.

After a 2015 tip-off from the U.S. Federal Bureau of Investigation about infected computers communicating with an external server, HPE combined three probes it had underway into one effort called Tripleplay. Up to 122 HPE-managed systems and 102 systems designated to be spun out into the new DXC operation had been compromised, a late 2016 presentation to executives showed.

An internal chart from mid-2017 helped top brass keep track of investigations codenamed for customers. Rubus dealt with Finnish conglomerate Valmet. Silver Scale was Brazilian mining giant Vale. Greenxmass was Swedish manufacturer SKF, and Oculus covered Ericsson.

Projects Kronos and Echo related to former Swiss biotech firm Syngenta, which was taken over by state-owned Chinese chemicals conglomerate ChemChina in 2017 – during the same period as the HPE investigation into Chinese attacks on its network.

Ericsson said it does not comment on specific cybersecurity incidents. “Our priority is always to ensure that our customers are protected,” a spokesman said. “While there have been attacks on our enterprise network, we have found no evidence in any of our extensive investigations that Ericsson’s infrastructure has ever been used as part of a successful attack on one of our customers.”

A spokesman for SKF said: “We are aware of the breach that took place in conjunction with the ‘Cloud Hopper’ attack against HPE … Our investigations into the breach have not found that any commercially sensitive information was accessed.”

Syngenta and Valmet declined to comment. A spokesman for Vale declined to comment on specific questions about the attacks but said the company adopts “the best practices in the industry” to improve network security.

‘DRUNKEN BURGLARS’

The companies were battling a skilled adversary, said Rob Joyce, a senior adviser to the U.S. National Security Agency. The hacking was “high leverage and hard to defend against,” he said.

According to Western officials, the attackers were multiple Chinese government-backed hacking groups. The most feared was known as APT10 and directed by the Ministry of State Security, U.S. prosecutors say. National security experts say the Chinese intelligence service is comparable to the U.S. Central Intelligence Agency, capable of pursuing both electronic and human spying operations.

Two of APT10’s alleged members, Zhu Hua and Zhang Shilong, were indicted in December by the United States on charges of conspiracy to commit computer intrusions, wire fraud and aggravated identity theft. In the unlikely event they are ever extradited and convicted, the two men would face up to 27 years in an American jail.

Reuters was unable to reach Zhu, Zhang or lawyers representing the men for comment. China’s Foreign Ministry said the charges were “warrantless accusations” and it urged the United States to “withdraw the so-called lawsuits against Chinese personnel, so as to avoid causing serious harm to bilateral relations.”

The U.S. Justice Department called the Chinese denials “ritualistic and bogus.”

“The Chinese Government uses its own intelligence services to conduct this activity and refuses to cooperate with any investigation into thefts of intellectual property emanating from its companies or its citizens,” DOJ Assistant Attorney General John Demers told Reuters.

APT10 often attacked a service provider’s system by “spear-phishing” – sending company employees emails designed to trick them into revealing their passwords or installing malware. Once through the door, the hackers moved through the company’s systems searching for customer data and, most importantly, the “jump servers” – computers on the network which acted as a bridge to client systems.

After the attackers “hopped” from a service provider’s network into a client system, their behavior varied, which suggests the attacks were conducted by multiple teams with different skill levels and tasks, say those aware of the operation. Some intruders resembled “drunken burglars,” said one source, getting lost in the labyrinth of corporate systems and appearing to grab files at random.

HOTELS AND SUBMARINES

It’s impossible to say how many companies were breached through the service provider that originated as part of Hewlett Packard, then became Hewlett Packard Enterprise and is now known as DXC.

The HPE operation had hundreds of customers. Armed with stolen corporate credentials, the attackers could do almost anything the service providers could. Many of the compromised machines served multiple HPE customers, documents show.

One nightmare situation involved client Sabre Corp, which provides reservation systems for tens of thousands of hotels around the world. It also has a comprehensive system for booking air travel, working with hundreds of airlines and 1,500 airports.

A thorough penetration at Sabre could have exposed a goldmine of information, investigators said, if China was able to track where corporate executives or U.S. government officials were traveling. That would open the door to in-person approaches, physical surveillance or attempts at installing digital tracking tools on their devices.

In 2015, investigators found that at least four HP machines dedicated to Sabre were tunneling large amounts of data to an external server. The Sabre breach was long-running and intractable, said two former HPE employees.

HP management only grudgingly allowed its own defenders the investigation access they needed and cautioned against telling Sabre everything, the former employees said. “Limiting knowledge to the customer was key,” one said. “It was incredibly frustrating. We had all these skills and capabilities to bring to bear, and we were just not allowed to do that.”

“The security of HPE customer data is always our top priority,” an HPE spokesman said.

Sabre said it had disclosed a cybersecurity incident involving servers managed by an unnamed third party in 2015. Media reports at the time said the hackers were linked to the Chinese government but did not name HP.

A Sabre spokeswoman said an investigation of the breach “concluded with the important finding that there was no loss of traveler data, including no unauthorized access to or acquisition of sensitive protected information, such as payment card data or personally identifiable information.” The spokeswoman declined to comment on whether any non-traveler data was compromised.

UNINVITED GUESTS

The threat also reached into the U.S. defense industry.

In early 2017, HPE analysts saw evidence that Huntington Ingalls Industries, a significant client and the largest U.S. military shipbuilder, had been penetrated by the Chinese hackers, two sources said. Computer systems owned by a subsidiary of Huntington Ingalls were connecting to a foreign server controlled by APT10.

During a private briefing with HPE staff, Huntington Ingalls executives voiced concern the hackers could have accessed data from its biggest operation, the Newport News, Va., shipyard where it builds nuclear-powered submarines, said a person familiar with the discussions. It’s not clear whether any data was stolen.

Huntington Ingalls is “confident that there was no breach of any HII data” via DXC or HPE, a spokeswoman said.

Another target was Ericsson, which has been racing against China’s Huawei Technologies to build infrastructure for 5G networks expected to underpin future hyper-connected societies. The hacking at Ericsson was persistent and pervasive, said people with knowledge of the matter.

Logs were modified and some files were deleted. The uninvited guests rummaged through internal systems, searching for documents containing certain strings of characters. Some of the malware found on Ericsson servers was signed with digital certificates stolen from big technology companies, making it look like the code was legitimate so it would go unnoticed.

Like many Cloud Hopper victims, Ericsson could not always tell what data was being targeted. Sometimes, the attackers appeared to seek out project management information, such as schedules and timeframes. Another time they went after product manuals, some of which were already publicly available.

“The reality is that most organizations are facing cybersecurity challenges on a daily basis, including Ericsson,” Chief Security Officer Pär Gunnarsson said in a statement to Reuters, declining to discuss specific incidents. “In our industry, and across industries, we would all benefit from a higher degree of transparency on these issues.”

WHITE WOLF

In December 2018, after struggling to contain the threat for years, the U.S. government named the hackers from APT10 – Advanced Persistent Threat 10 – as agents of China’s Ministry of State Security. The public attribution garnered widespread international support: Germany, New Zealand, Canada, Britain, Australia and other allies all issued statements backing the U.S. allegations against China.

Even so, much of Cloud Hopper’s activity has been deliberately kept from public view, often at the urging of corporate victims.

In an effort to keep information under wraps, security staff at the affected managed service providers were often barred from speaking even to other employees not specifically added to the inquiries.

In 2016, HPE’s office of general counsel for global functions issued a memo about an investigation codenamed White Wolf. “Preserving confidentiality of this project and associated activity is critical,” the memo warned, stating without elaboration that the effort “is a sensitive matter.” Outside the project, it said, “do not share any information about White Wolf, its effect on HPE, or the activities HPE is taking.”

The secrecy was not unique to HPE. Even when the government alerted technology service providers, the companies would not always pass on warnings to clients, Jeanette Manfra, a senior cybersecurity official with the U.S. Department of Homeland Security, told Reuters.

“We asked them to notify their customers,” Manfra said. “We can’t force their hand.”

Additional reporting by Gao Liangping, Cate Cadell and Ben Blanchard in Beijing. Editing by Ronnie Greene and Jonathan Weber

https://www.reuters.com/article/us-china-cyber-cloudhopper-special-repor/special-report-inside-the-wests-failed-fight-against-chinas-cloud-hopper-hackers-idUSKCN1TR1DK

2019-06-26 11:04:00Z