McAfee: 'State actor' behind massive global espionage ring
With hacking becoming an increasing concern as of late with the work of decentralized groups such as Anonymous and LulzSec making headlines, concerns over state-sponsored intrusions has abated. McAfee has brought those fears back to the forefront thanks to a whitepaper released on Wednesday.
McAfee says that it has uncovered a massive hacking operation that has targeted at least 72 government agencies, companies, and organizations in 14 countries since 2006. Worse yet, McAfee has reason to believe a single foreign government may be behind the attacks.
The company declined to name who it suspected to be responsible for the hacks, however it said it had alerted all affected parties to the hack as well as local law enforcement and that investigations were underway. McAfee first discovered the ring in 2009 in an investigation of security breaches affecting defense companies.
Most of the attacks were believed to have planted something called a "remote access tool" on the victim's computers, allowing the hackers in. Thus, McAfee has dubbed the hacking campaign "Operation Shady RAT."
China has repeatedly been suspected of cyber-espionage, although proof of such attacks has been hard to come by. From the whitepaper, it wouldn't be too hard to suspect that McAfee could be looking to the Chinese on this one: the governments affected are for the most part on shaky terms with the country.
Hackers targeted the US, Canadian, South Korean, Vietnamese, Taiwanese, and Indian governments. The UN was also targeted as well as defense contractors. All told, the targets of these hackers seem to indicate a 'state actor,' as the information pilfered would have little commercial benefit.
"The presence of political non-profits, such as the a private western organization focused on promotion of democracy around the globe or U.S. national security think tank is also quite illuminating," threat research VP Dmitri Alperovitch said in the report.
"After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," he continued.
While the firm has evidence of attacks over the past five years, it suspected that the cyber espionage may have gone back much further than that although it had no hard evidence.
If it is indeed China, it's likely the country would never admit to any kind of wrongdoing. As recently as last month, officials were stressing that the country does not spy on others. "The Chinese government opposes hacking in all its manifestations," Foreign Ministry spokesperson Hong Lei said at the time.