McAfee, a cybersecurity company, issued a report on Wednesday saying that it had identified a single perpetrator of cyberattacks that lasted up to five years on 72 organisations that included governments and businesses. The pattern of targets suggests the attacker was a “state actor” either Eastern Europe or East Asia, and not only broke in but remained embedded in computer systems, quietly siphoning secret data for years.
The organisations, which were targeted over the course of a five-year campaign, include the UN, as well as the governments of the US, Taiwan, India, South Korea, Vietnam and Canada.
Also targeted were the Association of Southeast Asian Nations (ASEAN), the International Olympic Committee (IOC) and the World Anti-Doping Agency. Companies ranging in scope from defence to tech were targeted as well.
The long list of victims has left security experts and officials stunned. Dmitri Alperovitch, McAfee's vice-president, stated in the report:
The attacks, which were discovered in March, date back to mid-2006.
McAfee researchers discovered them while reviewing logs obtained during a 2009 investigation into security breaches at defence companies.
McAfee has dubbed the attacks "Operation Shady Rat". RAT stands for "remote access tool" - a type of software that hackers and security experts use to access computer networks remotely.
A 'massive' threat
Experts are not sure what the perpetrator was seeking to obtain through these attacks. However, many agree that the results could be devastating to victims.
While some attacks only lasted a month, others were much longer. In the case of the UN secretariat in Geneva, hackers quietly raked through secret data for two years.
McAfee has notified all 72 organisations, and further investigations are under way.
McAfee has declined to name the "state actor" responsible for the attacks, but one security expert told Reuters that evidence points to China.
Jim Lewis, a cyber-expert with the Center for Strategic and International Studies, a US think-tank, said it is likely that China is behind the cyber-attacks - as some of the targets possessed information that would be of particular interest to the Asian country.
Evidence pointing towards China includes the IOC being hacked before the 2008 Beijing Games and the targeting of Taiwan, a country China considers a renegade province.
Vijay Mukhi, an Indian cyber-expert, told Reuters that some South Asian countries are highly vulnerable to such attacks from China.
Despite these accusations, China has not commented on the report.