Unnamed investigators on the Marriott data breach have stated that tools, techniques, and procedures used in the attack have been used in the past by Chinese hackers. The sources were not authorized the discuss the probe but speaking on the condition of anonymity, shared that the campaign may have been conducted by Chinese intelligence as a part of espionage efforts rather than for financial gain. The same sources indicated that other actors also have access to the same tools, and that attribution cannot be confirmed. Another investigator indicated that ultimate attribution may be further complicated if several hacking groups had separately penetrated the networks since 2014. Former senior FBI official also shared with Reuters that the Marriott breach appears similar in many ways to other attacks conducted for the purpose of Chinese government espionage in 2014. “Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person…it fits with how the Chinese intelligence services think about things,” he stated. Marriott acquired the Starwood hotel network in 2016, paying $13.6 billion in a deal that included the Sheraton, Westin, W Hotels, and several others that now comprise the largest hotel network in the world.
Source: Exclusive: Clues in Marriott hack implicate China – sources | Reuters