Largest Series of Global Cyberattacks Uncovered

By: EW News Desk Team   Date: 3 August 2011

About The Author

EW News Desk Team

Latest news about the state of the world economy.

EconomyWatch, News Desk Team

 

  • Dot Div
  •      
03 August 2011

McAfee, a cybersecurity company, issued a report on Wednesday saying that it had identified a single perpetrator of cyberattacks that lasted up to five years on 72 organisations that included governments and businesses. The pattern of targets suggests the attacker was a “state actor” either Eastern Europe or East Asia, and not only broke in but remained embedded in computer systems, quietly siphoning secret data for years.

 

The organisations, which were targeted over the course of a five-year campaign, include the UN, as well as the governments of the US, Taiwan, India, South Korea, Vietnam and Canada.

Also targeted were the Association of Southeast Asian Nations (ASEAN), the International Olympic Committee (IOC) and the World Anti-Doping Agency. Companies ranging in scope from defence to tech were targeted as well.

The long list of victims has left security experts and officials stunned. Dmitri Alperovitch, McAfee's vice-president, stated in the report:

"Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators."

The attacks, which were discovered in March, date back to mid-2006.

McAfee researchers discovered them while reviewing logs obtained during a 2009 investigation into security breaches at defence companies.

McAfee has dubbed the attacks "Operation Shady Rat". RAT stands for "remote access tool" - a type of software that hackers and security experts use to access computer networks remotely.

A 'massive' threat

Experts are not sure what the perpetrator was seeking to obtain through these attacks. However, many agree that the results could be devastating to victims.

"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation [due to having stolen the other team's playbook], the loss represents a massive economic threat," Alperovitch says.

While some attacks only lasted a month, others were much longer. In the case of the UN secretariat in Geneva, hackers quietly raked through secret data for two years.

"Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors. This is the biggest transfer of wealth in terms of intellectual property in history. The scale at which this is occurring is really, really frightening." Alperovitch told Reuters.

McAfee has notified all 72 organisations, and further investigations are under way.

Suspecting China

McAfee has declined to name the "state actor" responsible for the attacks, but one security expert told Reuters that evidence points to China.

Jim Lewis, a cyber-expert with the Center for Strategic and International Studies, a US think-tank, said it is likely that China is behind the cyber-attacks - as some of the targets possessed information that would be of particular interest to the Asian country.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.

Evidence pointing towards China includes the IOC being hacked before the 2008 Beijing Games and the targeting of Taiwan, a country China considers a renegade province.

Vijay Mukhi, an Indian cyber-expert, told Reuters that some South Asian countries are highly vulnerable to such attacks from China.

"I'm not surprised because that's what China does, they are gradually dominating the cyberworld. I would call it child's play [for a hacker to get access to Indian government data] ... I would say we're in the stone age," he said.

Despite these accusations, China has not commented on the report.

 

blog comments powered by Disqus