Written by According to an August 2011 study on online hacking by cyber security software company McAfee, networks of nearly 72 organizations including the UN, governments and companies across the world have fallen victim to online hacking attacks since 2006. Besides making this sensational revelation on online hacking, McAfee has also stated that there was a “state factor” behind the online hacking attacks. However, the company shied away from identifying that factor more concretely, leaving a lot of gaps to be filled in by the wild imaginings of online hacking conspiracy theorists.
Online Hacking Weblog: The Victim Parade
McAfee says in a release that a number of organizations which includes the governments of
the US, India, South Korea, Vietnam, Canada and Taiwan, as well as groups such as ASEAN, IOC, WADA and several high-tech enterprises have fallen prey to a concerted, coordinated five-year online hacking campaign that was far from random, and was orchestrated as part of a larger, deeper strategy targeted at these governments.
McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world.
McAfee revealed in its report that the hackers managed to steal data from the computer networks of the UN Secretariat in Geneva for nearly two years. McAfee learned of the extent of the online hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.
Discovering Operation Shady RAT
McAfee discovered what it calls as Operation Shady RAT, which was used by the intruders for hacking into the online systems. The company then collected logs that revealed the huge volume of cyber attacks since mid-2006.
According to sources within McAfee, the enormous diversity of the victim organizations and the audacity of the perpetrators was disconcerting even for the seasoned cyber security professionals who’re part of McAfee’s threat research team.
McAfee says in its report that as many as eight organizations were victims of online hacking in 2006. The number increased to 29 by 2007. The number of victimized organized continued to increase in following years as it peaked at 38 in 2009 before a slump in online hacking activity. The slump was perhaps due to the widespread availability of the online hacking countermeasures for the specific intrusion indicators used by this specific perpetrator.
What is happening to all this data obtained through online hacking is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook through online hacking), the loss represents a massive economic threat.
Some of the attacks lasted just a month, but the longest—on the Olympic Committee of an unidentified Asian nation—went on and off for 28 months, according to McAfee. A McAfee spokesperson further made an as yet unsubstantiated claim that this was the biggest transfer of wealth in terms of intellectual property in history. There’s certainly no doubt that the scale at which this is occurring is disturbing.
Is China Behind the Online Hacking Attacks?
Responding the report, cyber security experts with the Center for Strategic and International Studies stated their belief that it is China that is behind the online hacking campaign, which they claim is indicated by the fact that most of the stolen information was of particular interest to China.
The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.
This claim was not commented on either by McAfee, or any representatives of the Chinese government. Concerns regarding the report and its potential effects have been escalated to a level where they have come to the attention of UNO, which has started as investigation into the matter.
A Pentagon spokesperson, Air Force Lieutenant Colonel April Cunningham stuck to the official version that the attackers are as yet unidentified. However, Cunningham has also stated that the Department of Defense has already reported to the Congress in 2010 regarding the active pursuit of cyber capabilities initiated by China, with an aim to ex-filtrate sensitive information of a strategic or military utility.
McAfee had published this report earlier this year to coincide with the commencement of the annual Black hat conference in Las Vegas, a confluence of cyber security professionals with a focus to fighting online hacking and cyber crime.