
Attention, world, you've been pwned! McAfee details global cyber-espionage campaign

McAfee reports that large-scale cyber warfare operations against the U.S. and other global targets have been well underway for five years in an extensive campaign dubbed "Operation Shady Rat."

Just as the two big technical security conferences get underway in Las Vegas this week, security firm McAfee has released its report on "Operation Shady Rat," a cyber-espionage campaign carried out over five years against over 70 targets, including sensitive government, business, and private organization sites -- pretty much anyone with data worth stealing (see the chart below). According to Dmitri Alperovitch from the McAfee Labs blog:

Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know.

Target distribution. Source: McAfee

Targets include U.S. federal and state government sites; the Canadian, South Korean, and Indian governments; the United Nations; and various communications, energy, business, and industry sites. McAfee is willing to say that it's a government-sponsored attack but declines to name a culprit, although the Washington Post is not so shy about singling out China as the most likely perpetrator: "Report on 'Operation Shady RAT' identifies widespread cyber-spying."

But James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said "the most likely candidate is China." The target list's emphasis on Taiwan and on Olympic organizations in the run-up to the Beijing Games in 2008 "points to China" as the perpetrator, he said.

...Another computer expert with knowledge of the study, who spoke on the condition of anonymity out of reluctance to blame China publicly, said the intrusions appear to have originated in China.

If you would like to read the full report, you can download the PDF from McAfee.

Additional reading:

Has the United States already suffered its cyberwar Pearl Harbor? (ZDNet)

About

Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and...

11 comments
dayen

I need to learn more, really feel behind. Glad I have nothing important on my phone, but my computers I am going to be more paranoid about security, so how do I know I have control of my hardware?

l_creech

Is pretty much old news, the real news here is that companies and governments are starting to publicly acknowledge it. I would be willing to speculate that nearly every piece of logic hardware manufactured overseas is suspect, and I generally treat my computers as being something I cannot trust to keep a secret. Same goes for my Epic 4g from Samsung. Make it in the U.S.A. and I will have a bit more faith in it, though in this day and age it is darn near impossible to find any electronics that are even 50% fabbed in the U.S.A., much less 100%. I seriously doubt that even U.S.D.O.D. has 100% U.S.A. made products in the Skunk Works these days due to the price differences. China can win simply by shutting off the supply at this point since we no longer have the capacity or skilled workers to fab/create/manufacture in quantity in the U.S.A. Just my opinion, but I'll stand by it until the cows come home and start building new factories here that employ U.S. citizens. (edited for spelling)

mpukey

Our gov't recently announced a cyber warfare group and designated it a "fleet" which implies pretty substantial resources. And they announced a cyber warfare policy (at least a draft of one). It will be interesting to see if there is any official response from the gov't since we now have both the policy and the people.

Slayer_

All our bases are belong to them?

AnsuGisalas

Then check that way for anything undocumented. If you check with Wireshark all the packets sent, then figure out what they are, and if they look ok, that's step one. Step two would be to sample the actual output, tap your own wire as it were, to see if the actual output is the same as Wireshark picked up. Best would be to have a program compare the two realtime and log discrepancies, since you can't know if whatever it is transmits all the time or just sometimes or perhaps only upon receiving a signal. Other than that, vet your components and just hope. And keep up on the news.
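An added example, not part of the comment above or of the original article: a minimal offline version of the comparison it describes, matching a capture taken on the host against one taken from a tap on the wire and reporting discrepancies. The CSV layout, function names and sample rows are assumptions constructed for illustration; traffic is compared per flow rather than per packet so that segmentation offload on the host does not raise false alarms.

```python
import csv
import io
from collections import defaultdict

# Constructed sample data, one row per packet:
# src,dst,proto,sport,dport,payload_bytes
HOST_CAPTURE = """\
192.0.2.10,198.51.100.5,tcp,49152,443,2896
192.0.2.10,198.51.100.5,tcp,49152,443,512
192.0.2.10,203.0.113.53,udp,53001,53,48
"""

# Same interval as seen by a passive tap outside the host.
WIRE_CAPTURE = """\
192.0.2.10,198.51.100.5,tcp,49152,443,1448
192.0.2.10,198.51.100.5,tcp,49152,443,1448
192.0.2.10,198.51.100.5,tcp,49152,443,512
192.0.2.10,203.0.113.53,udp,53001,53,48
192.0.2.10,203.0.113.77,udp,40000,123,96
"""

def flow_totals(capture_text):
    """Sum payload bytes per flow (src, dst, proto, sport, dport)."""
    totals = defaultdict(int)
    for row in csv.reader(io.StringIO(capture_text)):
        if not row:
            continue
        *flow, payload = row
        totals[tuple(flow)] += int(payload)
    return dict(totals)

def find_discrepancies(host_text, wire_text):
    """Return (kind, flow, host_bytes, wire_bytes) for every mismatch."""
    host, wire = flow_totals(host_text), flow_totals(wire_text)
    findings = []
    for flow in sorted(set(host) | set(wire)):
        h, w = host.get(flow, 0), wire.get(flow, 0)
        if h == w:
            continue  # host and tap agree on this flow
        if flow not in host:
            kind = "wire-only"      # sent, but invisible to the host capture
        elif flow not in wire:
            kind = "host-only"      # captured on host, never reached the tap
        else:
            kind = "byte-mismatch"  # both saw the flow, volumes differ
        findings.append((kind, flow, h, w))
    return findings

if __name__ == "__main__":
    for kind, flow, h, w in find_discrepancies(HOST_CAPTURE, WIRE_CAPTURE):
        print(f"{kind}: {flow} host={h}B wire={w}B")
```

A "wire-only" flow is the case the comment is concerned with: traffic leaving the machine that the host's own capture never reported.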

AnsuGisalas

Choice: US Gov't backdoor or one or more of a number of Asian Gov'ts back doors... Or all of the above. That'd be the next huge development in VMs, a VM which hides its content from the physical hardware!

seanferd

No, they've had serious problems with their supply chain. Including getting used parts from "recycled" computers that the U.S. dumped in China. Where the poor walk among piles of waste electronics, pulling parts, and burning (!) the rest. These parts were supposed to be high-grade milspec parts for use in critical systems (like war planes). There have also been new parts sold to the gov, compromised by design. There were some interesting reports on this a couple years back. The stories would make your head spin.

dayen

Thank you for the info

AnsuGisalas

Same rules seem to apply. The US (or Mossad) puts Stuxnet to work on Iranian nuclear sites => The other side gets to retaliate with what they've been cooking up. Of course, now the other side is a privately operating corporation. In name at least.
