McAfee announced in Boston, today that U.N. headquarters, governments and companies have been infiltrated by RAT (remote access tools) malware. This malware has been on their systems harvesting secret information starting five years ago. The malware lay on the U.N. systems undetected for two years. McAfee released the report to coincide with the start of the Black Hat conference in Las Vegas today.
Victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises. McAfee has notified all the 72 victims of the attacks, which are under investigation by law enforcement agencies around the world.
“Jim Lewis, a cyber expert with the Center for Strategic and International Studies, was briefed on the discovery by McAfee. He said it was very likely that China was behind the campaign because some of the targets had information that would be of particular interest to Beijing. Everything points to China. It could be the Russians, but there is more that points to China than Russia.” – Jerusalem Post
McAfee’s Quarterly Security Report and “Night Dragon” reports are available by clicking the links, verified by me to be genuine (see below).
The “Night Dragon” report is very educational as it details how the attacks happen. The first quarter report goes into detail about the existing and anticipated threats from the perpetrators of cyber attacks and malware distributors.
"I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know. Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators." - Dmitri Alperovitch (McAfee's vice president of threat research)
Today, infopackets reported the largest ever attack on South Korea (obtained via tgdaily) :
“Chinese hackers are being blamed in the wake of a recent attack on two popular South Korean websites, breaches that together resulted in the loss of personal information associated with 35 million personal accounts. South Korea's SK Telecom, which owns and operates both of the websites involved in the attack -- a social networking platform called 'Cyworld' and a web portal named 'Nate' -- was recently forced to apologize for the breach. The number of personal accounts exposed in the attack is quite staggering, given that South Korea's population is only about 50 million. That equates to 70 per cent of the entire population.” – infopackets
China has been implicated in these attacks also because the servers in these cyber attacks have been localized to China. McAfee has not attributed these attacks to the government of China. In a small aside, McAfee was acquired by Intel earlier this year. Intel is heavily invested in Chinese technology. About 100 researchers – or 10% of the total number of researchers from Intel – are located in Beijing, so you might not be hearing any accusations from McAfee.
Sources:
http://www.tgdaily.com/security-features/57550-south-korea-blames-chinese-hackers-over-massive-data-theft
http://www.infopackets.com/news/security/2011/20110802_south_korea_suffers_worst_ever_cyber_attack.htm
http://www.jpost.com/International/Article.aspx?id=232235
http://semiaccurate.com/2011/06/13/intel-chinese-microprocessor-development-inefficient/
McAfee Reports:
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2011.pdf
http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf