An internal investigation has revealed that Chinese intelligence officials may have been behind the four-year-long cyber attack that compromised 500 million Marriott International customers’ data, according to Reuters.
The news agency reported that China is currently considered the most likely culprit, after the hacking tools used in the attack were deemed to resemble those previously linked to Chinese hackers.
However, the investigation has not yet concluded and private investigators enlisted by the hotel chain, the world’s largest, have not ruled out the possibility the attackers could simply have been appropriated Chinese weaponry, which is publicly available.
Anonymous sources told Reuters that the Chinese government may have sought to harvest the travel data of Marriott’s customers to inform its intelligence operations, rather than to sell it on to cyber criminals on the dark web.
A spokesperson for the Chinese government said the country was “firmly opposed to all forms of cyber attacks” and that it would investigate any evidence that it was implicated.
The allegation is likely to further exacerbate US-Chinese relations. The two countries are locked in a bitter trade war, which has been at least partly motivated by American fears about the risks associated with Chinese technology.
Last week, it emerged that the chief financial officer of Huawei, one of China’s biggest tech exporters, had been detained in Vancouver, charged with violating sanctions against Iran, and faced deportation to the US.
The US government has been putting pressure on Western governments in recent weeks to drop support for the company’s 5G infrastructure equipment, amid concerns about its alleged links to Beijing.
Huawei has repeatedly stressed it operates independently of the Chinese authorities, but that has failed to allay Western government’s concerns. BT confirmed earlier this week that it had refused to let the company bid for core parts of its 5G infrastructure.
Neither the National Security Agency in the US, nor the National Cyber Security Centre in the UK have yet passed public comment on the possible identity of the Marriott attacker.
While the two agencies have attributed widespread cyber attacks to Russia and North Korea in the past, they have historically been more reserved about discussing Chinese cyber activity.
The UK government now faces the difficult challenge of allaying the Trump administration’s concerns about Chinese technology, without damaging its links with Beijing as it attempts to strike closer trade links after Brexit.