New York: In the biggest ever series of cyber attacks uncovered to date, hackers were found to have broken into networks of the Indian government, United Nations and US defense companies, with security experts pointing to China as the culprit.
Seventy-two organisations, including major US defense groups, have been victims of the cyber attack that began in 2006, making it one of the largest concerted hacking attempt in history, security firm McAfee, which reported the intrusions, said.
Dubbed "Operation Shady RAT", the cyber attack was the handiwork of single hacker or group of hackers. It infiltrated multiple US government agencies, the UN, foreign governments and several technology companies and defense contractors.
The long list of victims in the five-year campaign include the governments of the US, India, Taiwan, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency, US Energy Department lab as well as agencies and companies in Denmark, Germany, Indonesia and Singapore, the McAfee report said.
The hackers also allegedly broke into the computer system of the UN Secretariat in Geneva in 2008, accessing secret data for nearly two years.
McAfee said there was one "state actor" behind the attacks, but did not divulge the name.
However, according to reports, experts who have been briefed on the hacking say the finger points to China.
"The interest in the information held at the Asian and Western national Olympic Committees, as well as the International Olympic Committee (IOC) and the World Anti-Doping Agency in the lead-up and immediate follow-up to the 2008 Olympics was particularly intriguing and potentially pointed a finger at a state actor behind the intrusions, because there is likely no commercial benefit to be earned from such hacks," Alperovitch added.
McAfee said it has notified the 72 victims of the attacks and investigations are being conducted by law enforcement agencies around the world.
"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," McAfee's vice-president of threat research, Dmitri Alperovitch said in the report.
"What is happening to all this data ... is still largely an open question.
However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation, the loss represents a massive economic threat," Alperovitch said.
McAfee got wind of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server they had discovered in 2009 as part of an investigation into security breaches at defense companies.
According to McAfee, the attacks were orchestrated primarily through spear-phishing, a targeted social attack on an employee or employees, allowing them to take control of the recipient's machine and then move through the network.
"The loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world, not to mention the national security impact of the loss of sensitive intelligence or defense information," Alperovitch wrote.
Four US government agencies, four US state governments, county governments in Northern and Southern California and Nevada have also been victims of the attack.
Other targets included 12 US defense contractors, a US news operation, think tanks, non-profits, and electronics and solar-power companies.
First Published: Wednesday, August 03, 2011, 11:04