 |
| Analysts work at the National Cybersecurity and Communications Integration Centre in Arlington, Virginia. (Reuters) |
Boston, Aug. 3 (Reuters): Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organisations including the UN, governments and companies around the world.
Security company McAfee, which uncovered the intrusions, said it believed there was one “state actor” behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China.
The long list of victims in the five-year campaign include the governments of the US, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (Asean); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defence contractors to high-tech enterprises.
In the case of the UN, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years and quietly combed through reams of secret data, according to McAfee.
“Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators,” McAfee’s vice-president of threat research, Dmitri Alperovitch, wrote in a 14-page report released today. McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defence companies.
It dubbed the attacks “Operation Shady RAT” and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for “remote access tool”, a type of software that hackers and security experts use to access computer networks from afar).
Some of the attacks lasted just a month, but the longest — on the Olympic Committee of an unidentified Asian nation — went on and off for 28 months, according to McAfee.
Alperovitch said that McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world. He declined to give more details. Jim Lewis, a cyber expert with the Center for Strategic and International Studies, said it was very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.
The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.
Vijay Mukhi, a cyber-expert based in India, says some South Asian governments were highly vulnerable to hacking from China.
“I’m not surprised because that’s what China does, they are gradually dominating the cyberworld,” he said. “I would call it child’s play (for a hacker to get access to Indian government data) ... I would say we’re in the stone age.”
