Friday, August 05, 2011

CYBERWAR - Massive Cyber Spying

"Massive Campaign of Cyber Spying Uncovered" PBS Newshour 7/4/2011

Excerpts from transcript

MARGARET WARNER (Newshour): For at least five years, a high-level hacking campaign infiltrated the computer systems of more than 70 governments, corporations and public and private organizations in 14 countries. So says the Internet security firm McAfee, which uncovered the massive campaign and dubbed it Operation Shady RAT.

A summary released by McAfee yesterday identified -- identified the perpetrator only as one specific state actor.
----
MICHAEL JOSEPH GROSS, Vanity Fair: This is an unprecedented campaign of cyber-espionage, demonstrates with absolute clarity now that there are just two kinds of organizations, those that have been compromised and those that haven't, as Dmitri Alperovitch, the guy who discovered this campaign, has often said.

What happened is, they went into more than 70 organizations, everything from the International Olympic Committee to giant corporations, to tiny nonprofits, in 30 different organizational categories in 14 countries. They took out government secrets, design schematics, legal contracts, negotiation plans for business deals, every kind of sensitive information you can think of.

In many cases, these organizations were compromised for at least a year, in some cases, more than two years. And there's a really interesting pattern to the evolution of the attacks that suggest where they may have come from.

MARGARET WARNER: And that is?

MICHAEL JOSEPH GROSS: That is China.




"Revealed: Operation Shady RAT" by Dmitri Alperovitch, McAfee Labs 8/2/2011

Excerpt

For the last few years, especially since the public revelation of Operation Aurora, the targeted successful intrusion into Google and two dozen other companies, I have often been asked by our worldwide customers if they should worry about such sophisticated penetrations themselves or if that is a concern only for government agencies, defense contractors, and perhaps Google. My answer in almost all cases has been unequivocal: absolutely.

Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.

McAfee Global Threat Intelligence: Suggest using Filter Threats (dropdown), select Top Intrusion Attackers, then use View All at bottom of the list. Note the nation flags in this view.

No comments: