A prolific espionage group, which the U.S. government believes is Chinese, compromised billion-dollar business service provider Visma in 2018, according to a report by the threat intelligence firm Recorded Future.
Why it matters: Visma, located in Norway, has more than 850,000 customers. The Recorded Future report, produced in part with data garnered by industry partner Rapid7, also details intrusions into the networks of an unnamed U.S. law firm and unnamed apparel company.
- The breach in August, and a subsequent attack in September, came just a few months before the U.S. indicted two Chinese hackers allegedly associated with the espionage group in December.
The Chinese group, known as APT 10 or Stone Panda, is extremely active in breaching online services to target their clients, a campaign sometimes referred to as "Operation Cloudhopper."
- The Justice Department alleges that the two hackers it indicted were involved in stealing business secrets and intellectual property from at least 45 U.S. firms and victims from 12 additional countries.
The Recorded Future report outlines two parallel intrusions into different parts of the Visma network.
