Chinese hacket looking for strategic secrets have conducted the largest cyber-espionage attacks in history, targeting the United Nations, the International Olympic Committee, ASEAN and the World Anti-Doping Agency, Vanity Fair reports.
Dubbed “Operation Shady RAT,” the clandestine effort compromised trade secrets and captured sensitive government information from 72 global organizations over a five-year period. “RAT” is short for Remote Access Tool, according to Vanity Fair‘s Michael Joseph Gross.
Starting in 2006, writes Gross, Shady RAT gained illicit access to various “government secrets, e-mail archives, legal contracts, negotiation plans for business activities, and design schematics.”
“In recent months, Sony, Fox, the British National Health Service, and the Web sites of PBS, the U.S. Senate, and the C.I.A., among others, have all fallen victim to highly publicized cyber-attacks,” observes Tina Nguyen on the Daily Caller internet news site. “The cyber-security firm McAfee uncovered the online attack and believes the security breaches may threaten the national security and economies of several countries.”
“It’s clear from this and other attacks we’ve been witnessing that there is an unprecedented transfer of wealth in the form of trade secrets and I.P. [intellectual property], primarily from Western organizations and companies, falling off the truck and disappearing into massive electronic archives,” believes Dmitri Alperovitch, McAfee’s vice president of threat research.
“What is happening to this data?” Alperovitch asked. “Is this being accumulated in a giant, Indiana Jones–type warehouse? Or is it being used to create new products? If it’s the latter, we won’t know for a number of years. But if so, it’s not just a problem for these companies, but also for the governments of the countries where these companies are located, because they’re losing their economic advantage to competitors in other parts of the world overnight. That is a national-security problem, insofar as it leads to loss of jobs and lost economic growth. That’s a serious threat.”
So far, few — including McAfee — will publicly speculate on where the attacks originated. Some security experts, however, believe the breaches are somehow connected to China.
The Vanity Fair article continues:
In an interview with The Washington Post, Center for Strategic and International Studies cybersecurity expert James A. Lewis cited the attack’s emphasis on Taiwan and Olympic organizations in the run-up to the Beijing Games in 2008.
Operation Shady rat ranks with Operation Aurora (the attack on Google and many other companies in 2010) as among the most significant and potentially damaging acts of cyber-espionage yet made public. Operation Shady rat has been stealing valuable intellectual property (including government secrets, e-mail archives, legal contracts, negotiation plans for business activities, and design schematics) from more than 70 public- and private-sector organizations in 14 countries. The list of victims, which ranges from national governments to global corporations to tiny nonprofits, demonstrates with unprecedented clarity the universal scope of cyber-espionage and the vulnerability of organizations in almost every category imaginable. In Washington, where policymakers are struggling to chart a strategy for combating cyber-espionage, Operation Shady rat is already drawing attention at high levels. Last week, Alperovitch provided confidential briefings on Shady rat to senior White House officials, executive-branch agencies, and congressional-committee staff. Senator Dianne Feinstein (D-CA), chairman of the Senate Select Committee on Intelligence, reviewed the McAfee report on Shady rat and wrote in an e-mail to Vanity Fair:“This is further evidence that we need a strong cyber-defense system in this country, and that we need to start applying pressure to other countries to make sure they do more to stop cyber hacking emanating from their borders.” McAfee says that victims include government agencies in the United States, Taiwan, South Korea, Vietnam, and Canada, the Olympic committees in three countries, and the International Olympic Committee. Rounding out the list of countries where Shady rat hacked into computer networks: Japan, Switzerland, the United Kingdom, Indonesia, Denmark, Singapore, Hong Kong, Germany, and India. The vast majority of victims—49—were U.S.-based companies, government agencies, and nonprofits. The category most heavily targeted was defense contractors—13 in all.
In addition to the International Olympic Committee, the only other victims that McAfee has publicly named are the World Anti-doping Agency, the United Nations, and ASEAN, the Association of Southeast Asian Nations (whose members are Indonesia, Malaysia, the Philippines, Singapore, Thailand, Brunei, Burma [Myanmar], Cambodia, Laos, and Vietnam).
In an e-mail to vanityfair.com, I.O.C. communications director Mark Adams wrote, “If proved true, such allegations would be disturbing. However, the IOC is transparent in its operations and has no secrets that would compromise either our operations or our reputation.” WADA spokesman Terence O’Rourke wrote in an e-mail that “WADA is constantly alert to the dangers of cyber hacking and maintains a vigilant security system on all of its computer programs.” He added that “WADA’s Anti-Doping Administration & Management System (ADAMS), which is on a completely different server to WADA’s emails, has never been compromised and remains a highly-secure system for the retention of athlete data.”
A prominent cyber-security expert who was briefed by McAfee on the intrusions says that the Associated Press was also a victim. McAfee declined to comment on that suggestion. Jack Stokes, A.P. media-relations manager, said, “We don’t comment on our network security,” when I asked if it was true that the A.P. was among Shady rat’s victims. Alperovitch believes the hacking was state-sponsored, pointing to Shady rat’s targeting of Olympic committees and political nonprofits as evidence, and contending that “[t]here’s no economic gain” to spying on them. Citing McAfee company policy, he refused to speculate on which country was behind Shady rat.
One leading cyber-espionage expert, however, thinks the likely culprit’s identity is clear. “All the signs point to China,” says James A. Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies, adding, “Who else spies on Taiwan?”
Read Previous Post