Security team uncovers 'biggest ever' cyber attack

By on
Security team uncovers 'biggest ever' cyber attack

Security experts have uncovered what could amount to the biggest cyber attack ever launched in history.

The five-year stealth attack hit 72 organisations around the world - including the US Government, the UN, the International Olympic Committee (IOC), the World Anti-Doping Agency and a slew of tech and defence companies, according to security firm McAfee.

It's the latest in a series of international attacks that have seen China blamed for systematic data gathering and espionage.

As an example of the potential damage caused and methods used, McAfee said the UN was hacked when its systems were broken into at its secretariat in Geneva. The infiltrators hid their presence until discovered by McAfee, giving the perpetrators years to comb through secret data.

"Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report seen by Reuters.

"What is happening to all this data... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat," he said.

McAfee chose not to disclose who it thought was behind the attacks, although it suggested state-run hacking was likely.

According to the company, it stumbled across the campaign when it came across logs of the attack while reviewing a control and command server captured as part of a probe into an earlier defence company hack.

The earliest attacks dated back to 2006, McAfee said, adding that the level of espionage was unprecedented.

"Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors," Alperovitch said.

"This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."

State backing?

Although McAfee decline to name the companies attacked, it said all victims had been notified, and wouldn't be drawn on naming the origin of the hack.

However, a security expert at the Center for Strategic and International Studies (CSIS) close to the situation hinted that China was the most likely culprit for the attacks due to the timing and targets, with the IOC's systems targeted in the run-up to the 2008 Beijing Olympics.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," CSIS's Jim Lewis told Reuters.

This article originally appeared at pcpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing
Tags:

Most Read Articles

Log In

Username / Email:
Password:
  |  Forgot your password?