Insecurity experts at the anti-virus outfit McAfee said that they have discovered the world’s biggest series of cyber attacks.
The attacks have seen the infiltration of the networks of 72 organisations including the United Nations, governments and companies worldwide.
McAfee believes that there was one “state actor” behind the attacks. It did not name it but it appears to be talking about China.
What McAfee has discovered is a five-year campaign against the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and shedloads of companies ranging from defence contractors to high-tech enterprises.
Hackers broke into the computer system of the UN Secretariat in Geneva in 2008, and hid there unnoticed for nearly two years. Shedloads of secret data wrtr sent to China before the attack was noticed.
McAfee’s vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report that he was stunned by the diversity of the victim organisations and taken aback by the audacity of the perpetrators.
It is not clear what is happening to all the data. Some of it might be being used to build better products or beat a competitor at a key negotiation. But the data loss represents a massive economic threat, Alperovitch warned.
McAfee first found evidence of the hacking campaign in March, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009.
The attacks have been dubbed “Operation Shady RAT”, although we would have thought Chinese Takeaway would have been better. The earliest breaches date back to mid-2006, though there might have been other intrusions as yet undetected.
The longest attack was on the Olympic Committee of an unidentified Asian nation which lasted for 28 months, McAfee said.
Alperovitch told Reuters that this is the biggest transfer of wealth in terms of intellectual property in history. He said that the scale at which this is occurring is frightening.
Jim Lewis, a cyber expert with the Center for Strategic and International Studies,said that it was likely that China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.
While the US and Britain have capabilities to pull off this kind of campaign, they would not spy on each other.