[LINK] Spy and Counter-Spy
Roger Clarke
Roger.Clarke at xamax.com.au
Thu Aug 4 07:33:52 AEST 2011
The most interesting aspect of the McAfee promo below is this bit:
"McAfee learned of the extent of the hacking campaign in March this
year, when its researchers discovered logs of the attacks while
reviewing the contents of a "command and control" server that they
had discovered in 2009 as part of an investigation into security
breaches at defence companies."
So, let me see, the break-ins were discovered by means of ... a break-in.
('How *dare* they hack into my command-and-control server??').
Biggest-ever series of cyber attacks uncovered
ITnews
Jim Finkle
Aug 4, 2011 6:30 AM (57 minutes ago)
http://www.itnews.com.au/News/265782,biggest-ever-series-of-cyber-attacks-uncovered.aspx
Networks of 72 organisations infiltrated.
Security experts have discovered the biggest series of cyber attacks
to date, involving the infiltration of the networks of 72
organisations including the United Nations, governments and companies
around the world.
Security company McAfee, which uncovered the intrusions, said it
believed there was one "state actor" behind the attacks but declined
to name it, though one security expert who has been briefed on the
hacking said the evidence points to China.
The long list of victims in the five-year campaign include the
governments of the United States, Taiwan, India, South Korea, Vietnam
and Canada; the Association of Southeast Asian Nations (ASEAN); the
International Olympic Committee (IOC); the World Anti-Doping Agency;
and an array of companies, from defence contractors to high-tech
enterprises.
In the case of the United Nations, the hackers broke into the
computer system of its secretariat in Geneva in 2008, hid there for
nearly two years, and quietly combed through reams of secret data,
according to McAfee.
"Even we were surprised by the enormous diversity of the victim
organizations and were taken aback by the audacity of the
perpetrators," McAfee's vice president of threat research, Dmitri
Alperovitch, wrote in a 14-page report released on Wednesday.
"What is happening to all this data ... is still largely an open question.
However, if even a fraction of it is used to build better competing
products or beat a competitor at a key negotiation (due to having
stolen the other team's playbook), the loss represents a massive
economic threat."
McAfee learned of the extent of the hacking campaign in March this
year, when its researchers discovered logs of the attacks while
reviewing the contents of a "command and control" server that they
had discovered in 2009 as part of an investigation into security
breaches at defence companies.
It dubbed the attacks "Operation Shady RAT" and said the earliest
breaches date back to mid-2006, though there might have been other
intrusions.
RAT stands for "remote access tool," a type of software that hackers
and security experts use to access computer networks from afar.
Some of the attacks lasted just a month, but the longest -- on the
Olympic Committee of an unidentified Asian nation -- went on and off
for 28 months, according to McAfee.
"Companies and government agencies are getting raped and pillaged
every day. They are losing economic advantage and national secrets to
unscrupulous competitors," Alperovitch told Reuters.
"This is the biggest transfer of wealth in terms of intellectual
property in history," he said. "The scale at which this is occurring
is really, really frightening."
...
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list