Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
Trump and China's President Xi Jinping. Photo: Thomas Peter - Pool/Getty Images
A prolific espionage group, which the U.S. government believes is Chinese, compromised billion-dollar business service provider Visma in 2018, according to a report by the threat intelligence firm Recorded Future.
Why it matters: Visma, located in Norway, has more than 850,000 customers. The Recorded Future report, produced in part with data garnered by industry partner Rapid7, also details intrusions into the networks of an unnamed U.S. law firm and unnamed apparel company.
- The breach in August, and a subsequent attack in September, came just a few months before the U.S. indicted two Chinese hackers allegedly associated with the espionage group in December.
The Chinese group, known as APT 10 or Stone Panda, is extremely active in breaching online services to target their clients, a campaign sometimes referred to as "Operation Cloudhopper."
- The Justice Department alleges that the two hackers it indicted were involved in stealing business secrets and intellectual property from at least 45 U.S. firms and victims from 12 additional countries.
The Recorded Future report outlines two parallel intrusions into different parts of the Visma network.