Today, McAfee issued a report on Wednesday saying it had identified cyberattacks that lasted for up to five years on a wide range of governments, American corporations and United Nations groups. McAfee announced that had alerted the 72 targets it identified and also informed law enforcement agencies, who are now said to be investigating the matter. For some interesting download the14-page report (link at the bottom of this posting). The report entitled, Operation Shady Rat (love the title!), calls the attacks highly sophisticated and says they appear to have been operated by a government body, which it declined to name.
Although the country was not named, China has repeatedly been the focus of suspicion in such cases. The report comes after high-profile cyberattacks aimed at the International Monetary Fund, Sony and the Lockheed Martin Corporation, America’s largest military contractor.
Although in recent months there have been an alarming number of reports about computer spying, many offer few details, citing concern for the targets’ privacy. Operation Shady Rat offers little detail about the cases, what kinds of documents were stolen or what kind of evidence was found to determine the perpetrator was a government body. The report said that 49 targets were in the United States and that governments, companies, and organizations in Canada, Japan, South Korea, Taiwan, Switzerland and Britain were also targets multiple times.
In the report, McAfee notes that it learned of the hacking campaign last March, when it discovered logs of attacks while reviewing the contents of a server it had discovered in 2009 as part of an investigation into security breaches at defense companies. It dubbed the attacks Operation Shady RAT — RAT stands for remote access tool, a type of software used to access computer networks. The company dated the earliest breaches to mid-2006, though it said other intrusions might have gone undetected. The duration of the attacks ranged from a month to what McAfee said was a sustained 28-month attack against an Olympic committee of an unidentified Asian nation.
Cyber security is now a major international concern, with hackers gaining access sensitive corporate and military secrets, including intellectual property. In some attacks, the culprits are believed to be professional hackers engaged in disrupting an organization’s operations for the sheer pleasure of it (such as the group Anonymous), or perhaps seeking revenge. There are also growing concerns that some of the cyberattacks are being carried out by nation-states, particularly after Google said last year that Chinese hackers stole some of the company’s source code. Many security experts say the Chinese government has built up a sophisticated cyber warfare unit and that the government may be partnering with professional hackers.
If you haven’t spoken with your Information Security group in your organization about their current plans regarding cyber security, you might want to move this up on your to-do-list and forward them a copy of this white paper.
McAfee White Paper: Operation Shady RAT: http://www.mcafee.com/us/mcafee-labs.aspx