Thomas Peter-Pool/Getty Images
show image

China may be behind four-year-long Marriott International cyber attack, claims report

An investigation has allegedly revealed that Chinese intelligence officials may have been behind the four-year-long cyber attack that compromised 500 million Marriott International customers’ data.

Reuters reported that private investigators working for the hotel group, the world’s largest, believe the hacking tools used in the attack resemble those previously linked to Chinese hackers.

However, the investigation has not yet concluded and the investigators have not ruled out the possibility the attackers could simply have deployed Chinese cyber tools, which are publicly available.

Anonymous sources told Reuters that the Chinese government may have sought to harvest the travel data of Marriott’s customers to inform its intelligence operations, rather than to sell it on to cyber criminals on the dark web.

A spokesperson for the Chinese government said the country was “firmly opposed to all forms of cyber attacks” and that it would investigate any evidence that it was implicated.

The allegation is likely to further exacerbate US-Chinese relations. The two countries are locked in a bitter trade war, which has been at least partly motivated by American fears about Chinese cyber espionage.

Last week, it emerged that the chief financial officer of Huawei, one of China’s biggest tech exporters, had been detained in Vancouver, charged with violating sanctions against Iran, and faced deportation to the US.

The US government has been putting pressure on Western governments in recent weeks to drop support for the company’s 5G infrastructure equipment, amid concerns about its alleged links to Beijing.

Huawei has repeatedly stressed it operates independently of the Chinese authorities, but that has failed to allay some Western government’s concerns. Last month, New Zealand’s intelligence agency blocked one of the country’s telecoms providers from using Huawei equipment as part of its 5G rollout.

Neither the National Security Agency in the US, nor the National Cyber Security Centre in the UK has yet passed public comment on the possible identity of the Marriott attacker.

While the two agencies have attributed widespread cyber attacks to Russia and North Korea in the past, they have historically been more reserved about discussing Chinese cyber activity.

The UK government now faces the difficult challenge of allaying the Trump administration’s concerns about Chinese technology, without damaging its links with Beijing as it attempts to strike closer trade links after Brexit.