In what seems like the world’s biggest cyber attack, researchers at Internet security company McAfee have discovered a series of hacks. This major hacking spree has affected the networks of around 72 organizations, including the governments of India, the U.S., Canada and several others. McAfee has termed this hacking Operation Shady RAT and hasn't revealed any details about the hack.
72 countries have been infiltrated
McAfee claims that these hacks are not recent and have been going on for the last five years. In its blog post, the company stated that it had gained access to one specific Command & Control server used by the intruders. It had also collected logs that reveal the full extent of the victim population since mid-2006, when the log collection began. The Indian Government Agency had been targeted from September 2010, and the hacks went on for two months.
Dmitri Alperovitch, Vice President of McAfee’s Threat Research unit, wrote in a blog, “After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators.”
The cyber security company reveals that it does know who is behind these attacks, but will refrain from revealing who they are. Indications point towards these hackers being from China, as their targets include Taiwan, Japan and Korea. China was not included in the list of countries affected. Beijing has been actively engaged in virtual espionage to try to steal intellectual property and state secrets.
The victim count
The post from McAfee claims that the hacking campaign intended to steal closely guarded national secrets, source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics, and much more. This information is mostly from the U.S., with 49 of the 72 targets located there.
The report goes on to say that hackers had infiltrated the Association of South East Asian Nations Secretariat for 10 months starting in October 2006. This was one month before the organization’s annual summit in Singapore. Another indication that the hackers could be Chinese is the fact that China is not a part of ASEAN.
Dmitri Alperovitch wrapped up by saying, “This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing.”