More than 70 companies and government organizations have been hacked as part of a global espionage campaign, security firm McAfee claims.
Victims of the attacks include the governments of the US, Canada, India, South Korea, Taiwan and Vietnam. While reports don’t say who’s believed to be responsible, the inclusion of taiwan on the list in particular means the smart money’s on China.
Also hit were the UN, the International Olympic Committee and 12 US defense contractors.
According to Reuters, McAfee’s traced the attacks back as far as 2006, although it says they may go further back than that. They were apparently carried out through spear-phising emails sent to specific individuals at the various organizations. It’s dubbed the operation Shady Rat.
The hackers were after both military and commercial information, according to McAfee VP of threat research Dmitri Alperovitch. This includes secret government documents, email archives, legal contracts, details of business negotiations and design schematics.
“If you look at an industry and think about what is most valuable in terms of intellectual property, that is what they were going after,” he said.
“Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators.”
Rather shockingly, the victims don’t seem to have been aware of the intrusions until they were notified by McAfee. Indeed, the attack on on the UN Secretariat appears to have carried on for two years, and some — such as one on the World Anti-Doping Agency in Montreal – are still continuing.