Security

Attention, world, you've been pwned! McAfee details global cyber-espionage campaign

McAfee reports that large-scale cyber warfare operations against the U.S. and other global targets have been well underway for five years in an extensive campaign dubbed "Operation Shady Rat."

Just as the two big technical security conferences get underway in Las Vegas this week, security firm McAfee has released its report on "Operation Shady Rat," a cyber-espionage campaign carried out over five years against over 70 targets, including sensitive government, business, and private organization sites — pretty much anyone with data worth stealing (see the chart below). According to Dmitri Alperovitch from the McAfee Labs blog:

Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know.

Target distribution (click to enlarge) Source: McAfee

Targets include U.S. federal and state government sites; the Canadian, South Korean, and Indian governments; the United Nations; and various communications, energy, business, and industry sites. McAfee is willing to say that it's a government-sponsored attack but declines to name a culprit, although the Washington Post is not so shy about singling out China as the most likely perpetrator: "Report on ‘Operation Shady RAT' identifies widespread cyber-spying."

But James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said "the most likely candidate is China." The target list's emphasis on Taiwan and on Olympic organizations in the run-up to the Beijing Games in 2008 "points to China" as the perpetrator, he said.

...Another computer expert with knowledge of the study, who spoke on the condition of anonymity out of reluctance to blame China publicly, said the intrusions appear to have originated in China.

If you would like to read the full report, you can download the PDF from McAfee.

Additional reading:

Has the United States already suffered its cyberwar Pearl Harbor? (ZDNet)

About

Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and...

Editor's Picks