McAfee Report on Shady RAT is Nothing Surprising
Security firm McAfee recently revealed a widespread hacker attack and intrusion on several government agencies, including the United Nations.
The five year effort has been named Operation Shady RAT and McAfee says there were 72 overall victims across a variety of industries, most of which were in the United States. Of the victims, six were in the U.S. Federal Government, five in the U.S. state government and three in the U.S. county government. There were 49 overall attacks on the U.S.
There were other government based victims in South Korea, Vietnam, Canada and Taiwan. Also targeted was the Asian and Western national Olympic Committees, as well as the International Olympic Committee (IOC). There was also an attack on the World Anti-Doping Agency in the lead up to the 2008 Olympics.
With this information, McAfee's vice president of threat research Dmitri Alperovich said there was potentially a "state" actor behind the intrusions. He said there was no economic gains behind some of these hacks.
"The presence of political non-profits, such as the a private western organization focused on promotion of democracy around the globe or U.S. national security think tank is also quite illuminating. Hacking the United Nations or the ASEAN (Association of Southeast Asian Nations) Secretariat is also not likely a motivation of a group interested only in economic gains," Alperovich said in a blog post.
Alperovich said the intrusions peaked in 2008 and 2009 which saw 36 and 38 victims in each of those years. In the past few years, it has fallen to 17 victims in 2010 and only nine thus far in 2011.
Some in the media are suspecting China is the "state actor" behind Shady RAT. According to an article in Vanity Fair, James A. Lewis, senior fellow at the Center for Strategic and International Studies, said all signs point to China.
According to Graham Cluey, senior technology consultant at Sophos, the information of a widespread hack attack on government agencies is nothing new.
"To be honest, there's nothing particularly surprising in McAfee's report to those of us who have an interest in computer security," said Cluey in a blog post. "For instance, we already all know that companies get targeted by hackers, who install malware to gain remote access to their computers and data. And we already all know that there are motivations for hacking which extend beyond purely financial (for instance, IP theft, economic, political, etc motivations)."
Cluey said the report didn't make certain what information was stolen. Without that information, he said you cannot consider Operation Shady RAT the biggest ever cyber attack, which is what some have called it.
He also said the report implying the state actor is China also would mean the whole operation wouldn't exactly be news.
"I don't think we should be naive. I'm sure China does use the internet to spy on other countries," he said. "But I'm equally sure that just about *every* country around the world is using the internet to spy. Why wouldn't they? It's not very hard, and it's certainly cost effective compared to other types of espionage."
Follow Gabriel Perna on Twitter at @GabrielSPerna
© Copyright IBTimes 2024. All rights reserved.