Governments, IOC and UN hit by massive cyber attack

Gerald · 08-03-11, 08:56 AM

IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks.

It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms.

McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks.

Beijing has always denied any state involvement in cyber-attacks, calling such accusations "groundless".

Speaking to BBC News, McAfee's chief European technology officer, Raj Samani, said the attacks were still going on.

"This is a whole different level to the Night Dragon attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad."

Dubbed Operation Shady RAT - after the remote access tool that security experts and hackers use to remotely access computer networks - the five-year investigation examined information from a number of different organisations which thought they may have been hit.

"From the logs we were able to see where the traffic flow was coming from," said Mr Samani.

"In some cases, we were permitted to delve a bit deeper and see what, if anything, had been taken, and in many cases we found evidence that intellectual property (IP) had been stolen.

"The United Nations, the Indian government, the International Olympic Committee, the steel industry, defence firms, even computer security companies were hit," he added.

China speculation

McAfee said it did not know what was happening to the stolen data, but it could be used to improve existing products or help beat a competitor, representing a major economic threat.

"This was what we call a spear-phish attack, as opposed to a trawl, where they were targeting specific individuals within an organisation," said Mr Samani.

"An email would be sent to an individual with the right level of access within the system; attached to the message was a piece of malware which would then execute and open a channel to a remote website giving them access.

"Once they had access to an organisation, they either did what we would call a 'smash-and-grab' operation, where they would try and grab as much information before they got caught, or they sometimes embedded themselves in the network and [tried to] spread across different systems within an organisation."

Mr Samani said his firm would "not make any guesses on where this has come from", but China is seen by many in the industry as a prime suspect.

Jim Lewis, a cyber expert with the Centre for Strategic and International Studies, was quoted by the Reuters news agency as saying it was "very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing".

http://www.bbc.co.uk/news/technology-14387559

Note: 3 August 2011 Last updated at 12:45 GMT

08-03-11, 08:56 AM	#1
Gerald SUBSIM Newsman Join Date: May 2008 Location: Close to sea Posts: 24,254 Downloads: 553 Uploads: 0	Governments, IOC and UN hit by massive cyber attack IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks. It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms. McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks. Beijing has always denied any state involvement in cyber-attacks, calling such accusations "groundless". Speaking to BBC News, McAfee's chief European technology officer, Raj Samani, said the attacks were still going on. "This is a whole different level to the Night Dragon attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad." Dubbed Operation Shady RAT - after the remote access tool that security experts and hackers use to remotely access computer networks - the five-year investigation examined information from a number of different organisations which thought they may have been hit. "From the logs we were able to see where the traffic flow was coming from," said Mr Samani. "In some cases, we were permitted to delve a bit deeper and see what, if anything, had been taken, and in many cases we found evidence that intellectual property (IP) had been stolen. "The United Nations, the Indian government, the International Olympic Committee, the steel industry, defence firms, even computer security companies were hit," he added. China speculation McAfee said it did not know what was happening to the stolen data, but it could be used to improve existing products or help beat a competitor, representing a major economic threat. "This was what we call a spear-phish attack, as opposed to a trawl, where they were targeting specific individuals within an organisation," said Mr Samani. "An email would be sent to an individual with the right level of access within the system; attached to the message was a piece of malware which would then execute and open a channel to a remote website giving them access. "Once they had access to an organisation, they either did what we would call a 'smash-and-grab' operation, where they would try and grab as much information before they got caught, or they sometimes embedded themselves in the network and [tried to] spread across different systems within an organisation." Mr Samani said his firm would "not make any guesses on where this has come from", but China is seen by many in the industry as a prime suspect. Jim Lewis, a cyber expert with the Centre for Strategic and International Studies, was quoted by the Reuters news agency as saying it was "very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing". http://www.bbc.co.uk/news/technology-14387559 Note: 3 August 2011 Last updated at 12:45 GMT __________________ Nothing in life is to be feard,it is only to be understood. Marie Curie