Security company McAfee has uncovered a new series of cyber attacks, which, according to security experts, is the biggest ever discovered. The intrusions involve permeation of the networks of 72 organizations that include the United Nations, governments and companies across the world.
McAfee said that there was one "state actor" behind the attacks, but didn't name it. However, one security expert close to the matter revealed that the evidence is against China.
The victims of the five-year-long campaign, dubbed as "Operation Shady RAT", include an enormous diversity of the victim organizations like the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada. The list of victims also comprises companies, ranging from defense contractors to high-tech enterprises.
The word RAT in the term "Operation Shady RAT" stands for "remote access tool", a type of software used by hackers and security experts to access computer networks.
As part of an inquiry into security breaches at defense companies in 2009, McAfee researchers discovered a "command and control" server. Back in March this year, the researchers reviewed the contents of the server and found out logs of the cyber attacks.
McAfee said the hackers hacked the computer systems of the UN Secretariat in Geneva in 2008. What's more shocking was that they stayed unnoticed for almost two years and managed to scan trough plenty of confidential data.
"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.
According to McAfee, the earliest security breaches date back to mid-2006; however, there could be other intrusions that might have remained undetected.
The longest attack was on the Olympic Committee of an unidentified Asian nation that lasted for 28 months. There were some other attacks as well that lasted for just one month, the security firm said.
Is it China behind the attacks?
Although McAfee declined to specify the "state actor" behind the series of hackings, a security expert named Jim Lewis said that based on information that some of the targets had, it's likely to be China, who was behind the campaign.
Hackers broke into the systems of the IOC and several national Olympic Committees in the run-up to the 2008 Beijing Games. Another fact that pointed to China is that it considers Taiwan, one of the victims of the attack, as a rebel province. Although the economic ties between them have been reinforced in recent years, political issues are still contentious.
"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Reuters quoted Lewis as saying.
Meanwhile, the UN said that an investigation has been started to determine whether there was any intrusion.
The controversial report has come from McAfee at a time when the Black Hat conference kicks off on Wednesday in Las Vegas. In the conference, experts will disclose security issues in commonly used software, computers, services and electronics to promote cyber security.