Hackers based in China spent five years ransacking the computer networks of the United Nations, multinational corporations, the Olympic committees of several countries and the U.S. and Canadian governments, two security companies said.
In one of the largest cyberattacks discovered, more than 72 organizations were hacked by spies beginning in 2006, according to computer server logs and other evidence obtained by Santa Clara's McAfee Inc.
The attack has been traced to servers in at least two of China's major cities, Beijing and Shanghai, according to Dell SecureWorks, which separately traced the same series of attacks.
U.N., multinational networks hacked from China
ReplyDeleteMichael Riley, Bloomberg News
San Francisco Chronicle, Thursday, August 4, 2011
Hackers based in China spent five years ransacking the computer networks of the United Nations, multinational corporations, the Olympic committees of several countries and the U.S. and Canadian governments, two security companies said.
In one of the largest cyberattacks discovered, more than 72 organizations were hacked by spies beginning in 2006, according to computer server logs and other evidence obtained by Santa Clara's McAfee Inc.
The attack has been traced to servers in at least two of China's major cities, Beijing and Shanghai, according to Dell SecureWorks, which separately traced the same series of attacks.
"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," Dimitri Alperovitch, McAfee's vice president of threat research, said in the report.
The details of the incidents, which McAfee dubbed Operation Shady RAT, are part of a mounting body of evidence linking China to sophisticated hacking operations targeted against a broad array of both government and commercial targets. RAT is industry shorthand for remote access tool, software used to hack networks.
Wang Baodong, a spokesman for the Chinese embassy in Washington, said China is "firmly against international hacking activities and is ready to work with other countries to secure the cyberspace."
"I'd say that whenever there's a story coming out on cyberspace intrusions, there'll be willful finger-pointing at China to vilify its image," he said in an e-mail. "This is simply abnormal and ridiculous and we cannot but question the ulterior motives there."
Investigators probing the hacking of the International Monetary Fund in May also linked the incident to China. Other previously known victims of China-based hackers include Google Inc., Morgan Stanley, DuPont Co. and Adobe Systems Inc.
McAfee doesn't name the country in which the operation was based in a report released this week titled "Revealed: Operation Shady RAT," concluding the hackers have government support and that it preferred to keep the country anonymous. Joe Stewart, head of malware research at SecureWorks, said the country discussed in the report was China.
McAfee does name some of the victims, which include the World Anti-Doping Agency and the Secretariat of the Association of Southeast Asian Nations.
Other victims included a U.S. real estate company, a major media organization in New York and a satellite communications company, said McAfee, which accessed a command and control server used by the hackers that revealed a rich trove of data on their victims.