American computer security experts have discovered the largest number of cyber attacks to date, involving penetration of 72 organizations networks, including the UN, governments or companies worldwide, informs Reuters on Wednesday.
Security company McAfee, of Boston, which discovered the attacks, said that there is a “state actor” behind them, but declined to name it, although some experts in the field appreciate the evidence indicates the involvement of China.
Long list of victims of the five-year-campaign attacks includes the governments of U.S., Taiwan, South Korea, Vietnam and Canada, the Association of Southeast Asian States (ASEAN), the International Olympic Committee (IOC), World Anti-Drug Agency, and a number of companies, from defense contractors, to high-tech companies.
In the UN case, hackers broke into computer networks of the UN General Secretariat in Geneva in 2008, where they remained undetected for nearly two years, digging through a lot of intelligence, according to McAfee.
“Even we were surprised by the enormous diversity of victim organizations and boldness of the attackers”, said McAfee Vice President for threat assessment, Dmitri Alperovitch, in a report released Wednesday.
“What happens to all the data is still an open question. However, if even a fraction of this data is used for making better products or to defeat a competitor in a key negotiation, the economic loss is a massive threat”, he added.
McAfee discovered the magnitude of the cyber attacks in March this year when its researchers have discovered diaries of attacks after an analysis of the operations of a “command and control” server which was discovered in 2009 in an investigation of security breaches at defense companies.
Attacks were generically called “Operation Shady RAT” (Remote Access Tool – type of software used by hackers and security experts to access remotely a computer network) and found out that some of the earliest attacks date from the mid 2006, although business experts recognize that there might be some other undetected intrusions.
Some of the attacks lasted only a month, but the longest, which focused on CIO and an unidentified Asian nation – have continued for 28 months, according to McAfee.
“Companies and government agencies are raped and robbed every day. They lose the economic benefits and national intelligence in the face of unscrupulous competition”, said Alperovitch.
“This is the largest transfer of wealth in terms of intellectual property in history. The scale of this phenomenon is really scary” he said.
Dmitri Alperovitch revealed that McAfee announced all 72 victims of cyber attacks, currently investigated by government agencies worldwide.
Jim Lewis, an expert in the cyber attacks at the Center for Strategic and International Studies informed about the McAfee report findings, believes that China is behind the attacks, as some of the targets would have held information of special interest to Beijing.
For example, computer systems of IOC and other international Olympic committees were penetrated before the Olympic Games in Beijing in 2008. “Everything points towards China. Could be the Russians, but there are more clues about China than Russia”, says Jim Lewis. He added that U.S. and UK have the ability to perform such a series of cyber attacks, but “we do not spy on ourselves and the British we would not spy on us”.
McAfee did not want to comment on the consideration that the alleged “state actor” was China, Reuters notes.
The UN stated that it has knowledge of the report on cyber attacks and that it started an investigation. “We have analyzed our entire network in Geneva”, said deputy spokesman of the UN Secretary General, Farhan Haq, admitting, however, that damages are difficult to quantify if the target of attacks is not exactly known.
Security firm McAfee states that Operation “Shady RAT” is just the tip of the iceberg. “I am convinced that any company in any industry with a significant size and value of intellectual property has been subject to such attacks or will be soon, but most victims do not discover intrusions or their impact”, Alperovitch wrote in the report.