Wave Systems Corp. (fka WAVXQ)

[Genz2]

China hacked HPE and IBM, and then attacked their clients: Sources

https://www.cnbc.com/2018/12/21/china-hacked-hpe-and-ibm-and-then-attacked-their-clients-sources-.html

•Hackers working on behalf of China's Ministry of State Security breached the networks of Hewlett Packard Enterprise Co and IBM.
•The hackers then used the access to hack into their clients' computers, according to five sources familiar with the attacks.
•The attacks were part of a Chinese campaign known as Cloudhopper, which the U.S. and Britain said infected technology service providers in order to steal secrets from their clients.

Hackers working on behalf of China's Ministry of State Security breached the networks of Hewlett Packard Enterprise Co and IBM, then used the access to hack into their clients' computers, according to five sources familiar with the attacks.

The attacks were part of a Chinese campaign known as Cloudhopper, which the United States and Britain on Thursday said infected technology service providers in order to steal secrets from their clients.

While cybersecurity firms and government agencies have issued multiple warnings about the Cloudhopper threat since 2017, they have not disclosed the identity of technology companies whose networks were compromised.


International Business Machines Corp said it had no evidence that sensitive corporate data had been compromised. Hewlett Packard Enterprise (HPE) said it could not comment on the Cloudhopper campaign.

Businesses and governments are increasingly looking to technology companies known as managed service providers (MSPs) to remotely manage their information technology operations, including servers, storage, networking and help-desk support.

Cloudhopper targeted MSPs to access client networks and steal corporate secrets from companies around the globe, according to a U.S. federal indictment of two Chinese nationals unsealed on Thursday. Prosecutors did not identify any of the MSPs that were breached.

Both IBM and HPE declined to comment on the specific claims made by the sources.

"IBM has been aware of the reported attacks and already has taken extensive counter-measures worldwide as part of our continuous efforts to protect the company and our clients against constantly evolving threats," the company said in a statement. "We take responsible stewardship of client data very seriously, and have no evidence that sensitive IBM or client data has been compromised by this threat."

HPE said in a statement that it had spun out a large managed-services business in a 2017 merger with Computer Sciences Corp that formed a new company, DXC Technology.

The security of HPE customer data is our top priority," HPE said. "We are unable to comment on the specific details described in the indictment, but HPEs managed services provider business moved to DXC Technology in connection with HPEs divestiture of its Enterprise Services business in 2017.

DXC Technology declined to comment, saying in a statement that it does not comment on reports about specific cyber events and hacking groups.

Reuters was unable to confirm the names of other breached technology firms or identify any affected clients.

The sources, who were not authorized to comment on confidential information gleaned from investigations into the hacks, said that HPE and IBM were not the only prominent technology companies whose networks had been compromised by Cloudhopper.

Cloudhopper, which has been targeting technology services providers for several years, infiltrated the networks of HPE and IBM multiple times in breaches that lasted for weeks and months, according to another of the sources with knowledge of the matter.

IBM investigated an attack as recently as this summer, and HPE conducted a large breach investigation in early 2017, the source said.

The attackers were persistent, making it difficult to ensure that networks were safe, said another source.

IBM has dealt with some infections by installing new hard drives and fresh operating systems on infected computers, said the person familiar with the effort.

Cloudhopper attacks date back to at least 2014, according the indictment.

The indictment cited one case in which Cloudhopper compromised data of an MSP in New York state and clients in 12 countries including Brazil, Germany, India, Japan, the United Arab Emirates, Britain and the United States. They were from industries including finance, electronics, medical equipment, biotechnology, automotive, mining, and oil and gas exploration.

One senior intelligence official, who declined to name any victims who were breached, said attacks on MSPs were a significant threat because they essentially turned technology
companies into launchpads for hacks on clients.

"By gaining access to an MSP, you can in many cases gain access to any one of their customers," said the official. "Call it the Walmart approach: If I needed to get 30 different items for my shopping list, I could go to 15 different stores or I could go to the one that has everything.

Representatives with the FBI and Department of Homeland Security declined to comment. Officials with the U.S. Justice Department and the Chinese embassy in Washington could not be reached.

A British government spokeswoman declined to comment on the identities of companies affected by the Cloudhopper campaign or the impact of those breaches.

A number of MSPs have been affected, and naming them would have potential commercial consequences for them, putting them at an unfair disadvantage to their competitors," she said.
=================================================================
https://www.wavesys.com/wave-alternative

The IT perimeter is gone

With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.

It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.

You have to start with the device

Wave has an alternative: security that’s built into each and every device.

We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.

We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.

Security that’s confirmed, not assumed

With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.

A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.

Do we need to say that with Wave, compliance is no problem?

Start closing your security gaps today, with what you’ve got

You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.

It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

Questions? Read on, or contact our sales department