WORLD
Governments, IOC and UN hit by massive cyber attack
Baku, August 3 (AZERTAC). IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks.
It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms.
McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks.
Beijing has always denied any state involvement in cyber-attacks, calling such accusations "groundless".
McAfee`s chief European technology officer, Raj Samani, said the attacks were still going on.
"This is a whole different level to the Night Dragon attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad."
Dubbed Operation Shady RAT - after the remote access tool that security experts and hackers use to remotely access computer networks - the five-year investigation examined information from a number of different organisations which thought they may have been hit.
"From the logs we were able to see where the traffic flow was coming from," said Mr Samani.
"In some cases, we were permitted to delve a bit deeper and see what, if anything, had been taken, and in many cases we found evidence that intellectual property (IP) had been stolen.
"The United Nations, the Indian government, the International Olympic Committee, the steel industry, defence firms, even computer security companies were hit," he added.
McAfee said it did not know what was happening to the stolen data, but it could be used to improve existing products or help beat a competitor, representing a major economic threat.
"This was what we call a spear-phish attack, as opposed to a trawl, where they were targeting specific individuals within an organisation," said Mr Samani.
"An email would be sent to an individual with the right level of access within the system; attached to the message was a piece of malware which would then execute and open a channel to a remote website giving them access.
"Once they had access to an organisation, they either did what we would call a `smash-and-grab` operation, where they would try and grab as much information before they got caught, or they sometimes embedded themselves in the network and [tried to] spread across different systems within an organisation."