Categories
Politics Technology

The Largest Global Cyber-Espionage Case in History

A single quote says just about everything about the sheer scale of this recently-discovered global hack:

“In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.”

Global cyber-espionage operation uncovered | InSecurity Complex – CNET News.

The cyberattack, dubbed Operation Shady RAT (Remote Access Tool), affected no less than 70 organizations, public and private, across 14 countries. The United Nations, defense contractors, the US Department of Energy, businesses and “every company in every conceivable industry with significant size and valuable intellectual property and trade secrets.”

The list of countries affected includes the United States and several Southeast Asian nations. But the targets notably do not include China, suggesting to many that the perpetrator of this massive hack was the Chinese government. In addition to the scale of the attack and list of targeted countries, The Register also notes that one target in particular points the way:

“The interest in the information held at the Asian and Western national Olympic Committees, as well as the International Olympic Committee (IOC) and the World Anti-Doping Agency in the lead-up and immediate follow-up to the 2008 Olympics was particularly intriguing and potentially pointed a finger at a state actor behind the intrusions, because there is likely no commercial benefit to be earned from such hacks,” writes Mitri Alperovitch, McAfee’s VP of threat research.

Researchers at McAfee have managed to gain control of one of the Command and Control servers, but says more are out there. Therefore, it is probably too soon to say for sure what the complete list of affected companies and organizations is.

This malware-fueled global breach may go down as the largest transfer of intellectual property in the history of the Internet. It differs from the relatively automated attacks carried out by #Anonymous and #LulzSec because once computers were compromised with malware, they would then be controlled by a human operator who continued to widen the permissions of the affected machine to access even more sensitive data.

The attack is not over, either. And experts already measure the loss of data in petabytes.

More reading:

Categories
Technology

The #NSA and #FBI investigating the #Google #China hack claims

From CNet Security today we learn that the FBI and the NSA (at minimum, there are doubtless other agencies involved) are looking into the Google claim that a phishing scam of Chinese origin was targeting US government officials. Google’s claim also specifies journalists and activists have also been targeted, though this article does not specifically deal with those claims:

Feds investigate alleged attacks on Gmail accounts | Security – CNET News.

The official statement from the National Security Agency is a bit of a dodge, actually:

“Speaking on behalf of the U.S. government, we’re looking into these reports and seeking to gather the facts,” Caitlin Hayden, deputy spokesperson for the National Security Agency, told CNET today. “We have no reason to believe that any official U.S. government e-mail accounts were accessed.”

Notice that official government email accounts would not be administered by Google or gMail, so of course they would not be directly affected. That is not the same thing as saying that US officials with private email accounts didn’t get hacked, or that the information they shared with others on that account isn’t of a sensitive nature.

For its part, China seems to be acting rather punchy, especially considering the fact that Google’s statement does not imply any specific government involvement in the hack. In fairness, though, announcements of hacking attempts don’t normally include the specific city and country of origin. So the question becomes what, if any, Chinese government buildings are in Jinan, China?

Add to this the official Pentagon announcement that it will declare cyberattacks to be acts of war and you’ve got a somewhat scary escalation in the Internet realm. Not that I think cyberattacks will escalate to full-scale war, but a purely network-based “cold war” could tie up billions of dollars of Internet trade, which is not good news for economy.