CBS News reports that Chinese state actor, API 41, stole trillions of dollars worth of intellectual properties (IP) from companies around the globe.
According to the report, approximately 30 multinational companies suffered a breach of hundreds of gigabytes of data. The cyber-data information was the result of a malicious year-long API 41 operation that US cyber-security firm, Cybereason, dubbed the campaign, Operation Cuckoobees.
Energy, manufacturing, and pharmaceutical companies suffered the breach of IP and sensitive data, including blueprints, diagrams, formulas, and manufacturing-related proprietary data, spanning technology and manufacturing companies in North America, Europe, and Asia, according to CBS News.
CEO of Cybereason, Lior Div told CBS News,
We're talking about Blueprint diagrams of fighter jets, helicopters, and missiles.”
and about pharmaceuticals,
we saw them stealing IP of drugs around diabetes, obesity, depression."
Cybereason suggests that API 41 was after cutting-edge technology that had not yet been patented. Operation Cuckoobees, had been active since 2019. Cybereason was tipped off to a potential intrusion in April 21, 2021, at a meeting with one of the affected companies. The intrusion has not yet been stopped, according to CBS.
Analysts at Cybereason reversed engineered the attack to see each step API 41 took once inside the network. The hackers got data that could be potentially used for future cyber-attacks or future extortion. Cybereason researchers found that user account data, network architecture, business unit data, and customer data had been accessed.
CBS News notes that complicated engineering information such as rocket propelled weapons manufacturing are tediously encrypted and that the Chinese hacker agency would indeed need a wide range of network access to achieve success in their malicious campaign.
In May 2021 the US Department of Justice charged 4 Chinese nationals connected to API 41 with: Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information, Including Infectious Disease Research.
The element of unpatented intellectual property and sensitive data in the hack, led to mounting speculation on the financial impact of the hack.
Cyberreason Ceo Lior Div told CBS News,
The real impact is something we're going to see in five years from now, ten years for now, when we think that we have the upper hand on pharmaceutical, energy, and defense technologies. And we're going to look at China and say, how did they bridge the gap so quickly without the engineers and resources?"
As a cyber-security company, Cybereason offers internet and data security services to both consumers and businesses. You can see about them here.