Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Behind Breach at Hotel Group Marriott Left Clues Suggesting They Were Working For Chinese Government Intelligence Gathering Operation, Report Says (reuters.com)

Posted by msmash on from the closer-look dept.

Marriott said last week that a hack that began four years ago had exposed the records of up to 500 million customers in its Starwood hotels reservation system. Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, Reuters reported, citing three sources who were not authorized to discuss the company's private probe into the attack. From the report: That suggests that Chinese hackers may have been behind a campaign designed to collect information for use in Beijing's espionage efforts and not for financial gain, two of the sources said. While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack because other parties had access to the same hacking tools, some of which have previously been posted online.

41 comments

  1. Not Chinese, not Russian by Anonymous Coward · · Score: 0

    Marriott got hacked due to the incompetence of their CIO and IT department. Simple as that. Blaming the $current_badguy is just deflecting blame away from where it belongs.

    1. Re:Not Chinese, not Russian by Anonymous Coward · · Score: 1

      Blaming the $current_badguy is just deflecting blame away from where it belongs.

      Except when it's "Russians" in which case it's Trump's fault and Marriott is in the clear.

    2. Re:Not Chinese, not Russian by MightyMartian · · Score: 1

      So we shouldn't pursue the guy that breaks into your house, because you inadvertently left the back door open?

      There's room enough for both exploring IT security failings and investigating who it was that broke into those systems. They are not mutually exclusive activities.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re:Not Chinese, not Russian by Anonymous Coward · · Score: 0

      So we shouldn't pursue the guy that breaks into your house, because you inadvertently left the back door open?

      Not if you the guy you have on your video surveillance is wearing a Xi Jinping full head rubber mask.

    4. Re:Not Chinese, not Russian by MooseTick · · Score: 1

      "Marriott got hacked due to the incompetence of their CIO and IT department."

      Is it honestly possible to 100% safely lock down a network with PCs in 6500+ publicly accessible locations worldwide where 100k+ hourly employees need constant access?

      Its like blaming them for allowing a guest to bring in 7 suitcases loaded with bombs. A determined hacker should be able to break into any network that large and likely compromise some of their data.

      --
      Ninjas don't carry tic tacs
  2. Russian hackers by mschaffer · · Score: 3, Interesting

    What is the probability that they were just Russian hackers pretending to be Chinese hackers?

    1. Re:Russian hackers by Anonymous Coward · · Score: 0

      Could just as well have been some teens pretending to be Russian hackers that are framing Chinese hackers.
      How deep is the rabbit hole?

    2. Re: Russian hackers by houghi · · Score: 1

      "Or perhaos just the US trying to blame Russians by claiming to be Chinese. " --Israelis

      --
      Don't fight for your country, if your country does not fight for you.
    3. Re:Russian hackers by Anonymous Coward · · Score: 0

      What is the probability that they were just Russian hackers pretending to be Chinese hackers?

      100%. Russians are behind everything. They voted down the new Star Wars movie because they hate possibly the best movie ever, they voted Trump in which is basically Hitler, they caused WW2, and I have it on good anonymous sources authority that they are a new breed of Communist Fascists that hate life itself and seek to destroy all human kind.

  3. it was obvious... by Anonymous Coward · · Score: 0, Funny

    One of the network engineers found pee pee in his Coke...

  4. you mean this guy? by Anonymous Coward · · Score: 1

    Ok. So you mean this guy: Bruce Hoffmeister. He's been there for over 7 years.
    http://news.marriott.com/p/bru...
    https://www.linkedin.com/in/br...

    1. Re:you mean this guy? by Anonymous Coward · · Score: 2, Insightful

      So funny. The profile page of that turkey on Marriott's webpage shows this in my browser...

      © 1996 - {{today | date:'yyyy'}} MARRIOTT INTERNATIONAL, INC.

      No wonder they got hacked.

  5. hackers hacking with hacks by Anonymous Coward · · Score: 0

    Frankly, it's all Greek to me.

    Worse, it doesn't mean anything, except say that the speaker is an idiot who takes his listeners to be idiots, too.

  6. NSA does this... by Anonymous Coward · · Score: 1

    Didn't we read about NSA tools that drop Chinese and Russian "clues" into binaries to provide false attribution.

    If anything those groups are smart enough to not leave those traces, so this was likely the NSA doing this by my logic.

    1. Re:NSA does this... by Anonymous Coward · · Score: 0

      Didn't we read about NSA tools that drop Chinese and Russian "clues" into binaries to provide false attribution.

      Citation needed.

      If anything those groups are smart enough to not leave those traces, so this was likely the NSA doing this by my logic.

      Provided the person at the keyboard was paying attention. Anybody can have an "off" day. And the NSA already knows all that stuff.

    2. Re:NSA does this... by Anonymous Coward · · Score: 0

      Citation needed.

      Different AC here, but I think this is what he was referring to.

      Also, from TFA:

      While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack because other parties had access to the same hacking tools, some of which have previously been posted online.

      Identifying the culprit is further complicated by the fact that investigators suspect multiple hacking groups may have simultaneously been inside Starwood’s computer networks since 2014, said one of the sources.

      So we have possibly multiple perpetrators, over the span of four years, meaning both before and after Marriott acquired Starwood. I am not saying China's government did not participate. I am saying lots of people could have put their hands into the cookie jar, over a long period of time. If they did participate, they may be one of many, including somebody who wants to divert attention by pointing a finger.

    3. Re:NSA does this... by Anonymous Coward · · Score: 0

      Fuck you Citation needed. Any google search for false flag operation will find this stuff.

  7. No need to decide, give them both a time-out by goombah99 · · Score: 1

    They are both bad actors, just turn off all internet connections to the US from Russia on Thursdays and China on Fridays. And keep expanding the time-out one day a week till the problem goes away. Sure it won't stop hackers from working through other countries, and their would be workarounds with proxies in other countries, but the colossal inconvenience of it as collective punishment for the whole country will spur the state-sponsored attacks to become too costly.

    The internet is already heading for Balkanization between the great firewalls, the death of net neutrality, and the potential bifurcation of ICAAN's root domains, so nothing will be lost by this lesser move.

    If the comeback you want to post is "well the US does it to", then great, maybe the US will also see some value in not doing it too.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  8. The NSA and CIA by maxbuzz · · Score: 0

    have the tools to frame any nation for their cyber crimes.
    so how can we ever know who is responsible?

  9. Inside job by Anonymous Coward · · Score: 0

    since there are no repercussions for data leaks like this, there is nothing to stop Marriott employees (or indeed Marriott itself) from leaving the servers open in exchange for a kickback.

  10. This is coming straight out of Sun Tzu, Chapter 13 by Anonymous Coward · · Score: 0

    The Chinese have been reading Sun Tzu, Chapter 13 on the use of spies. Little did Sun Tzu know during the time of Plato, that he could simply spy with his fingers, a keyboard, and a $35 Raspberry Pi.

  11. INFORMATION wants to be FREE! by grep+-v+'.*'+* · · Score: 1

    So what's with all of the brouhaha? I don't get it. By the way, What's In Your Wallet? ....specifically the credit card numbers, their expiration date, and CVV code.

    --
    If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
  12. So what is the actual value of the data? by bobstreo · · Score: 1

    "That suggests that Chinese hackers may have been behind a campaign designed to collect information for use in Beijing's espionage efforts and not for financial gain, two of the sources said."

    Wouldn't it be easier to just buy the data from Marriott?

    If it's someone "looking to cash in" on the data, what are an additional 500 Million (guessing that there is a whole lot of repeat customers in this data set) records worth?

    Used to be hard to get enough information for single credit cards, nowadays you would probably have to sell blocks of 10K records for a couple bucks. All these types of hacks are doing is to really devalue the data they are stealing to the point where it's not actually of much value.

    1. Re:So what is the actual value of the data? by Anonymous Coward · · Score: 0

      Watching for changes in travel patterns of senior government members is very valuable.

    2. Re:So what is the actual value of the data? by budsetr · · Score: 1

      I think you are hitting upon something here. What is more affordable: hyper-competency and outright owning the rest of the world in technology or propaganda and the appearance of p0wning everybody?

  13. They Tried to Execute Chinese Commands by Anonymous Coward · · Score: 0

    Like ching, chong, bing, bong, ding and dong.

  14. It's not the Chinese by Anonymous Coward · · Score: 0

    It's not the Chinese. I've already gotten the call phishing for my password ("You've won a free vacation at Marriott, give us your password so we can process it.").
    The Chinese already know my password, they wouldn't need to phish for it.

  15. Deck Da Harrs Rith Barrs of Horry! by Anonymous Coward · · Score: 0

    Fa ra RA RA RAAAAA ra raaa ra raaah!

  16. Ah, you see it was the Chinese by Anonymous Coward · · Score: 0

    Not our lax security. So you can't punish us. Ha ha!

  17. so then who were they REALLY working for? by bonedonut · · Score: 1

    'Clues' were probably left intentionally.

  18. Chinese spy by Anonymous Coward · · Score: 0

    I bet it was like this:
    https://www.youtube.com/watch?...

  19. Marriott’s Security Guy isn't to blame... by bobbied · · Score: 1

    Their security guy stayed at a "Holiday Inn Express" last night.... I guess we all now know why...

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  20. Started after Obama and Xi agreed by Anonymous Coward · · Score: 0

    Started after Obama and Xi agreed Sept 25, 2015 not to hack each other? https://www.ft.com/content/0db...

    Avoided Starwood the last 2 yrs, since their prior breech.

  21. Dead giveaway by nospam007 · · Score: 1

    The naughty hackers left electronic tools and devices back and the investigation has determined that they were all 'made in China'.

  22. About the same as you being a Chinese troll by Anonymous Coward · · Score: 0

    What is the probability that they were just Russian hackers pretending to be Chinese hackers?

    Probably about the same as you being a Chinese intelligence operative pretending to be some internet doofus who thinks he's smarter than he is throwing shade on "Chinese did it" theory.

    1. Re:About the same as you being a Chinese troll by Anonymous Coward · · Score: 0

      Tovarishch, spasibo za pokrytiye dlya nas.

  23. Blame the Chinese first by Anonymous Coward · · Score: 0

    I really thought reporting could not be any more biased then it was. But it really is getting pretty bad

    Marriott: it's the Chinese we tell ya
    Sources: Yah the Chinese , ooooooorrrrr Anyone really because the tools are already out there.
    Marriott: So then you're saying the Chinese. Right?
    Sources: Yep Chinese.

  24. Re:Chinese Snowden by ennis99 · · Score: 1

    There are always security breaches and hackers take advantage, this is all. https://downloader.vip/the-pir... https://downloader.vip/yify-yt... https://downloader.vip/rarbg/