/ 3 August 2011

Chinese whispers? Global cyber-spy campaign unearthed

The governments of the United States and other countries, major US defence contractors, the United Nations and the International Olympic Committee (IOC) have been targets of a global cyber spying campaign, security firm McAfee said on Wednesday.

McAfee did not identify the country believed to be behind the sophisticated hacking campaign dubbed “Operation Shady Rat”, which it traced back to at least 2006, but security experts said that the prime suspect had to be China.

The McAfee report identified 72 “compromised” parties including the governments of the United States, Canada, India, South Korea, Taiwan and Vietnam.

Other targets included computer networks of the United Nations, Association of Southeast Asian Nations, the IOC and national Olympic committees, the World Anti-Doping Agency, a US Energy Department lab, and around a dozen US defense firms, McAfee said.

The intruders sought sensitive data on US military systems and satellite communications, according to the report.

The victims were the targets of a “five year, targeted operation by one specific actor,” McAfee said, and were identified from logs tracked to a single computer server.

James Lewis, a cybersecurity expert at the Centre for Strategic and International Studies, said the evidence may not be “conclusive in a legal sense,” but suspicion points towards China.

“You can think of at least three other large programs attributed to this country that look very similar,” Lewis said. “It’s a pattern of activity that we’ve seen before. It’s in line with other activities.”

Lewis, who was briefed on the report ahead of its release, said “what’s unusual is the amount of detail McAfee was able to acquire”.