A five-year campaign compromised networks in 72 major organizations around the world, including several governments, ASEAN, IOC and the world anti-doping agency. Government agencies in India, South Korea, Taiwan, and the U.S. were attacked, plus high-profile targets like the International Olympic Committee.
"Operation Shady RAT," an effort by a single hacker or group of hackers reported to be from China, penetrated multiple U.S. government agencies, the United Nations, foreign governments, and many technology companies and defense contractors, a McAfee report disclosed Wednesday.
The operation uncovered several cyber attacks occurring to date, where hackers were found to have broken into networks of the Indian government, United Nations and US defense companies, security experts say.
"The interest in the information held at the Asian and Western national Olympic Committees, as well as the International Olympic Committee (IOC) and the World Anti-Doping Agency in the lead-up and immediate follow-up to the 2008 Olympics was particularly intriguing and potentially pointed a finger at a state actor behind the intrusions, because there is likely no commercial benefit to be earned from such hacks," Alperovitch wrote in the report.
The networks breached included U.N. secretariat in Geneva, a U.S. Energy Department lab and 12 major U.S. Defence firms engaged in top secret futuristic weapons system, the report said.
“The cyber snooping appears to have been going on for several years,” the report said, tracing the hacking to at least one “state actor” behind the attack, but declined to name it. “We were taken aback by the audacity of the perpetrators,” McAfee vice president Dmitri Alperovitch remarked in a 14-page sensational report released today.
“What is happening to all this data...is still largely an open question. However, if even a fraction of it is used to build better competing products or beat competitors at key negotiations, the loss will represent a massive economic threat,” he added.
McAfee said it believed there was one "state actor" behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China. There was no comment from China on the report.