waltky
Wise ol' monkey
Operation Shady Rat...
Massive global cyberattack hits US hard: Who could have done it?
August 3, 2011 - Cybersecurity firm McAfee says it infiltrated a 'command and control' server with detailed logs of five years of cyberattacks against targets ranging from the US government to the World Anti-Doping Agency. McAfee suggests a country was behind it. Experts suspect China.
See also:
"State actor" behind slew of cyber attacks
- Security experts have discovered an unprecedented series of cyber attacks on the networks of 72 organizations globally, including the United Nations, governments and corporations, over a five-year period.
Massive global cyberattack hits US hard: Who could have done it?
August 3, 2011 - Cybersecurity firm McAfee says it infiltrated a 'command and control' server with detailed logs of five years of cyberattacks against targets ranging from the US government to the World Anti-Doping Agency. McAfee suggests a country was behind it. Experts suspect China.
Cyberspies believed to be working for a national government for the past five years have stolen vast amounts of classified, sensitive, or proprietary information from at least 72 companies and government and nonprofit groups in 14 countries, with the bulk of the victims in the United States, a major cybersecurity firm is reporting. What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth, the reports co-author, Dmitri Alperovitch, a vice president of Santa Clara, Calif.-based McAfee, wrote on his blog.
Targets of the information theft included the US federal and state governments, county governments, and Canadian, South Korean, Vietnamese, Taiwanese, and Indian governments. Among other targets: defense contractors, the United Nations, prodemocracy groups, and individual companies in the steel, energy, solar power, electronics, and computer security industries.
What distinguishes this new report from others in the recent past is its level of detail, some cybersecurity experts said. In part that could be because the perpetrators created detailed logs of their exploits on a command and control server that McAfee was able to infiltrate.
Closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts,... and much more has fallen off the truck of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries, Mr. Alperovitch wrote.
'Massive economic threat'
See also:
"State actor" behind slew of cyber attacks
- Security experts have discovered an unprecedented series of cyber attacks on the networks of 72 organizations globally, including the United Nations, governments and corporations, over a five-year period.
Security company McAfee, which uncovered the intrusions, said it believed there was one "state actor" behind the attacks but declined to name it, though several other security experts said the evidence points to China. The long list of victims in the extended campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.
In the case of the United Nations, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years, and quietly combed through reams of secret data, according to McAfee. "Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday. "What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat."
McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server that they had discovered in 2009 as part of an investigation into security breaches at defense companies. It dubbed the attacks "Operation Shady RAT" and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for "remote access tool," a type of software that hackers and security experts use to access computer networks from afar).
Some of the attacks lasted just a month, but the longest -- on the Olympic Committee of an unidentified Asian nation -- went on and off for 28 months, according to McAfee. "Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors," Alperovitch told Reuters. "This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."
CHINA CONNECTION?