Thursday December 06, 2018

Forensic Clues Implicate China in Marriott International Data Breach

Private investigators analyzing the Marriott International data breach are finding hacking tools, techniques, and procedures previously used in attacks attributed to Chinese government intelligence gathering operations. The sources are reluctant to blame China as other parties have access to the same hacking tools and some are available online. The evidence collected so far points to multiple hacking groups having access to the Starwood guest reservation database since 2014. 500 million Starwood hotels customers were affected by the data breach.

News Image

"Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person," said Anderson, who served as FBI executive assistant director until 2015. Michael Sussmann, a former senior Department of Justice official for its computer crimes section, said that the long duration of the campaign was an indicator that the hackers were seeking data for intelligence and not information to use in cyber crime schemes. "One clue pointing to a government attacker is the amount of time the intruders were working quietly inside the network," he said. "Patience is a virtue for spies, but not for criminals trying to steal credit card numbers."