Security Firm Uncovers Mass Cyber Attack On Governments And UN
Security firm McAfee has published a report revealing a mass cyber infiltration of 72 networks, including breaches of the governments of the United States, India, South Korea, Vietnam, Canada and Taiwan.
The hacking, which took place over a five-year period, also targeted companies, particularly energy and communication industries, along with global organisations such as the Olympic International Committee (IOC) down to several small non-profit think tanks.
Even the United Nations was penetrated, with the report suggesting that the UN’s Geneva office was leaking information via the hack for more than two years.
McAfee has declined to name those responsible, beyond saying it was a “state actor”. However, industry commentators are speculating that China was behind the breach.
According to Dmitri Alperovitch, McAfee’s vice-president of threat research who authored the report along with cyber security engineer Adam Meyers, the data loss could represent “a massive economic threat”, especially if the stolen information is being used to “build better competing products or beat a competitor at a key negotiation”.
“Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators,” wrote Alperovitch.
The intrusions were first detected in March following research into the hacking of defence industry contractors. The company then extended its investigation, uncovering a series of illegal incursions into networks stretching back to 2006 using a remote access tool. The operation was hence named Shady Rat (after Remote Access Tool).
Speaking to Reuters, Alperovitch said: “Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors. This is the biggest transfer of wealth in terms of intellectual property in history.”
But Professor Peter Sommer, an expert on information risk and security working at the London School of Economics, offered a mixed reaction to the report.
"Both Dmitri Alperovitch, McAfee's employee, and Adam Meyer of SRA have good reputations," he told the Huffington Post UK.
"For me the real test is how carefully they have interpreted the logs on the rogue command and control server they say they have been able to access.
"I would like to know the circumstances by which they got access and also why they think the server existed for quite so long - from the perspective of the perpetrators that's quite a risk. To call it the 'biggest cyber attack in history' doesn't tell us what is being measured.
"Do the logs say more than indicate the targets and the length of time surveillance took place? The authors don't know what was taken, what the value might be, or what the real motivation was? But never forget McAfee is in the business of selling anti-malware product and services, so understatement is unlikely."
According to the report, all 72 of the victims have been informed.