www.pwc.co.uk
23.67.131.163  Public Scan

Submitted URL: https://goo.gl/OkB63q
Effective URL: https://www.pwc.co.uk/issues/cyber-security-services/insights/operation-cloud-hopper.html
Submission: On December 02 via manual from IT — Scanned from IT

Form analysis 1 forms found in the DOM

GET https://www.pwc.co.uk/search.html

<form id="slimSearchForm" role="search" action="https://www.pwc.co.uk/search.html" method="get">
  <input id="slimSearch" class="slim-search" type="text" name="searchfield" placeholder="Search for industries, products, services and more">
  <input type="hidden" name="pwcSiteSection" autocomplete="off">
  <input type="hidden" name="pwcLang" value="en" autocomplete="off">
  <input type="hidden" name="pwcGeo" value="uk" autocomplete="off">
  <input type="submit" class="submit-search" value="">
</form>

Text Content


OPERATION CLOUD HOPPER



WHAT IS OPERATION CLOUD HOPPER?

Since late 2016, we’ve worked closely with BAE Systems, the UK’s National Cyber
Security Centre (NCSC) and other members of the security committee to uncover
and disrupt what’s thought to be one of the largest ever sustained global cyber
espionage campaigns. This operation is referred to as ‘Operation Cloud Hopper’.


WHO’S RESPONSIBLE?

The threat actor behind the campaign is widely known within the cyber security
community as ‘APT10’, referred to within PwC UK as ‘Red Apollo’. It’s a widely
held view within the community that APT10 is a China-based threat actor.

Our analysis of the compile times of malware binaries, the registration times of
domains attributed to APT10, and the majority of its intrusion activity
indicates a pattern of work in line with China Standard Time (UTC+8).

The threat actor’s targeting of diplomatic and political organisations in
response to geopolitical tensions, as well as the targeting of specific
commercial enterprises, is closely aligned with strategic Chinese interests.


WHO HAS IT TARGETED?

The espionage campaign has targeted managed IT service providers (MSPs),
allowing the APT10 group unprecedented potential access to the intellectual
property and sensitive data of those MSPs and their clients globally. This
indirect approach of reaching many through only a few targets demonstrates a new
level of maturity in cyber espionage. So it’s more important than ever to have a
comprehensive view of all the threats your organisation might be exposed to,
either directly or through your supply chain.

The sheer scale of the operation was uncovered through collaboration amongst
organisations in the public and private sectors, but is still only likely to
reflect a small portion of APT10’s global operations. A number of Japanese
organisations have also been targeted in a separate, simultaneous campaign by
the same group, with APT10 masquerading as legitimate Japanese government
entities to gain access.


HOW WAS IT CARRIED OUT?

APT10’s activity can be outlined in six steps:

 1. APT10 compromises a Managed IT Services provider.
 2. MSP customers who align to APT10’s targeting profile are accessed by the
    threat actor using the MSP’s legitimate access.
 3. Data of interest to APT10 is accessed by the threat actor moving laterally
    through systems.
 4. MSP customer data is collected by APT10 and compressed, ready for
    exfiltration from the network.
 5. Compressed files filled with stolen data are moved from the MSP customer’s
    network back onto the MSP network.
 6. APT10 exfiltrates stolen data back through MSPs to infrastructure controlled
    by the threat actor.


WHAT CAN BE DONE TO DEFEND AGAINST IT?

This campaign serves to highlight the importance of organisations having a
comprehensive view of their threat profile, including that of their supply
chain. More broadly, it should also encourage organisations to fully assess
the risk posed by their third party relationships, and prompt them to take
appropriate steps to assure and manage these.

More detail on the operation is included in our joint report with BAE Systems,
available to download below. You can also download separate documents outlining
the key indicators of compromise to check for and technical details relating to
APT10.

For any questions on the operation or APT10 please contact our threat
intelligence team, or for advice on protecting your organisation contact our
threat detection and response team on the details below.


DOWNLOAD FULL REPORT OPERATION CLOUD HOPPER


Download the Indicators of Compromise and Technical Annex reports


RELATED DOCUMENTS:

 * Annex A: Indicators of Compromise
 * Annex B: Technical Annex






CONTACT US

Richard Horne

Cyber Security Chair, Risk and Quality Partner, PwC United Kingdom

Tel: +44 (0)7775 553373


Kris McConkey

Cyber Threat Operations Lead Partner, PwC United Kingdom

Tel: +44 (0)7725 707360

© 2015 - 2023 PwC. All rights reserved. PwC refers to the PwC network and/or one
or more of its member firms, each of which is a separate legal entity. Please
see www.pwc.com/structure for further details.
