A diagram categorizes the victims of the attacks by industry
(WEB HOST INDUSTRY REVIEW) — More than 70 computer networks of public and private-sector organizations in 14 countries have been infiltrated by hackers in a scheme dubbed “Operation Shady RAT” by McAfee (www.mcafee.com) security experts.
According to a report released Wednesday, over the past five to six years, intellectual property belonging to US defense contractors, US International Trade Organization, network security firms, accounting firms and government agencies has been compromised in a hack that researchers believe has “been one specific operation conducted by a single actor/group.”
The report points toward China as the state actor behind the attacks because many of the targets were hit around the time of the 2008 Beijing Olympics, including the Asian and Western national Olympic committees, the International Olympic committee and the World Ant-Doping Agency.
Nearly 50 of the victims are US-based, while Canada, South Korea and Taiwan all had three. The other target countries included Japan, Switzerland, UK, Indonesia, Vietnam, Denmark, Singapore, Hong Kong, Germany and India.
“I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact,” Dmitri Alperovitch, VP threat research, McAfee, said in the report.
Though it is unclear what has been done with “petabytes” of information, Alperovitch says the classified data includes “closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics” and more.
The report says that although it would appear that cyberattacks have been on the rise, these kinds of hacks have “occurred relentlessly for at least a half decade.” Attacks by LulzSec and Anonymous have been unsophisticated and opportunistic with the main motivating factor being fame, according to the report. These have captured the public, and the media, and brought less attention towards the hacks that the report says “present a far greater threat to companies and governments.”
A month ago, the US Department of Defense issued a cybersecurity strategy to include traning US Armed Froces in cybersecurity and classify some cyberattacks as an act of war.
About Nicole Henderson
Nicole Henderson writes full-time for the Web Host Industry Review where she covers daily news and features online, as well as in print. She has a bachelor of journalism from Ryerson University in Toronto, and has been writing for the WHIR since September 2010. You can find her on Twitter @NicoleHenderson.
No related posts.
