From the beginning of the investigation into the Marriott Hotel hack, there were rumors that the perpetrators were state-sponsored hackers working on behalf of a government entity.
This past week, indications appeared to point towards a Chinese agency being behind the hack. Investigators suspected Chinese involvement in the hack when they discovered bits of code, hacking tools, and other techniques that had previously been attributed to Chinese hackers. A report this week from the New York Times all but confirmed that the four-year intrusion into Marriott’s Starwood guest reservation database was the work of Chinese government hackers.
Citing two sources familiar with the investigation, the Times reported that the hackers were working with the Ministry of State Security, China’s Communist-controlled civilian spy agency. The hack was likely initiated in order to aid Beijing’s efforts to conduct espionage operations on American targets.
Hotel reservation databases hold a wealth of valuable information on potential targets such as passport numbers, financial data, travel itineraries, phone numbers, email addresses, dates of birth and more. The database would also have provided spies with the ability to easily cross-reference whether a potential target was staying in the same hotel or the same city at the same time as another person of interest. This long-term breach of a database this extensive would have allowed the perpetrators and their sponsors to build extremely detailed profiles of individuals, including their travel habits, business relationships, personal relationships, and other personal preferences. Information like this can be incredibly valuable to spy agencies for building profiles, identifying, and tracking the movements of potential American spies and those in contact with them.
Chinese Ministry of Foreign Affairs spokesman Geng Shuang denied any knowledge of Chinese involvement in the hack. “China firmly opposes all forms of cyber attack and cracks down on them in accordance with law,” Shuang said in a statement to Reuters last week. “If offered evidence, the relevant Chinese departments will carry out investigations according to law.” Marriott spokespeople have also declined to share any information regarding their knowledge of potential Chinese involvement.
If suspicions prove to be correct, it would potentially serve to flare up already simmering tensions between the United States and China in their ongoing trade dispute. Though President Trump claims that talks between the two nations are progressing positively, the likelihood that China was behind the large-scale hotel hack may well undermine progress. In fact, it would certainly add urgency to the Trump administration’s planned crackdowns on Chinese hacking practices.
Officials have suggested that the Marriott Hotels hack may have been part of an even larger Chinese effort to collect information on American targets that included the 2014 breach of the Office of Personnel Management. The latest revelations bring to light the reality that government espionage operations are a real concern and something that needs to be properly addressed. Corporations and government entities must dedicate the necessary resources to appropriately defend against such cyber attacks and intrusions into sensitive personal data. Defending against large-scale cyber attacks is a critical matter of both digital security and national security.