Operation Shady RAT
Aug 18, 2011 18:18:37 GMT -8
Post by clone on Aug 18, 2011 18:18:37 GMT -8
Strong Evidence Points to China as Cyberhack Source
Last Updated: Aug 6, 2011
GLOBAL ASSAULT: McAfee identified targets from Asia, Europe, and North America in its victim count as part of the report. Companies, governments, NGOs, and media groups were all hit. (McAfee)
The onslaught has been termed Operation Shady RAT (referring to one of the items of software used in the attack, a “Remote Administration Tool”), and bears a striking resemblance to similar campaigns that have been traced back to China and, many experts believe, actors sponsored by the Chinese regime.
Atlanta-based Dell SecureWorks has also traced the attacks. They pinpoint them to two major Chinese cities: Shanghai and Beijing.
According to McAfee, hackers stole petabytes (thousands of terabytes) of information, including industry-relevant secrets from a sweeping variety of targets since 2006: classified state secrets from governments, design schematics and source code from technology companies, and exploration plans from natural resources companies.
McAfee won’t say whether they have evidence that the attacks originated in China, but experts don’t see much room for argument.
The Work of a State
In its report, security firm McAfee said the large-scale cyber-espionage operation was conducted not by a group of independent hackers but a "state actor." This is due to the “sophistication, target list, or type of information” targeted, McAfee spokesperson Joris Evers told The Epoch Times in a telephone interview.
www.theepochtimes.com/n2/china-news/strong-evidence-points-to-china-as-cyberhack-source-59991.html
Last Updated: Aug 6, 2011
GLOBAL ASSAULT: McAfee identified targets from Asia, Europe, and North America in its victim count as part of the report. Companies, governments, NGOs, and media groups were all hit. (McAfee)
The onslaught has been termed Operation Shady RAT (referring to one of the items of software used in the attack, a “Remote Administration Tool”), and bears a striking resemblance to similar campaigns that have been traced back to China and, many experts believe, actors sponsored by the Chinese regime.
Atlanta-based Dell SecureWorks has also traced the attacks. They pinpoint them to two major Chinese cities: Shanghai and Beijing.
According to McAfee, hackers stole petabytes (thousands of terabytes) of information, including industry-relevant secrets from a sweeping variety of targets since 2006: classified state secrets from governments, design schematics and source code from technology companies, and exploration plans from natural resources companies.
McAfee won’t say whether they have evidence that the attacks originated in China, but experts don’t see much room for argument.
The Work of a State
In its report, security firm McAfee said the large-scale cyber-espionage operation was conducted not by a group of independent hackers but a "state actor." This is due to the “sophistication, target list, or type of information” targeted, McAfee spokesperson Joris Evers told The Epoch Times in a telephone interview.
The Epoch Times looked at over a dozen of the hacking incidents and, through targeted news searches, traced them to business deals and political events around the time they occurred.
A pattern emerges of friendly meetings, deal announcements, or cooperative efforts between China and a variety of groups, closely followed or in some cases preceded by, a hacking intrusion. Snooping on the targets in all of these cases would potentially have netted the Chinese regime's high-tech blueprints, top-secret documents, and other pieces of insider information invaluable in political or business discussions, in some cases of very high financial value.
The Pohang Iron and Steel Company (POSCO), based in Pohang, South Korea, is the third largest steel maker in the world. In July 2006, POSCO initiated a takeover of a large mill in China’s Jiangsu Province, and in November, POSCO developed a “new efficient steel.” McAfee says that Korean Steel Company was hacked in July 2006—the same date of takeover negotiations. The intrusion lasted beyond November.
A pattern emerges of friendly meetings, deal announcements, or cooperative efforts between China and a variety of groups, closely followed or in some cases preceded by, a hacking intrusion. Snooping on the targets in all of these cases would potentially have netted the Chinese regime's high-tech blueprints, top-secret documents, and other pieces of insider information invaluable in political or business discussions, in some cases of very high financial value.
The Pohang Iron and Steel Company (POSCO), based in Pohang, South Korea, is the third largest steel maker in the world. In July 2006, POSCO initiated a takeover of a large mill in China’s Jiangsu Province, and in November, POSCO developed a “new efficient steel.” McAfee says that Korean Steel Company was hacked in July 2006—the same date of takeover negotiations. The intrusion lasted beyond November.
www.theepochtimes.com/n2/china-news/strong-evidence-points-to-china-as-cyberhack-source-59991.html