Computer security company McAfee says revealed one of the largest ever series of cyber attacks.
It lists 72 different organizations, which had been directed for more than five years, including the International Olympic Committee, the UN and the security company.
McAfee does not say who he believes is responsible, but it has been suggested that China could be behind the attacks.
Beijing has always denied any government involvement in cyber attacks, calling the charges "baseless."
Speaking to BBC News, McAfee chief technology officer of the European Raj Samani says that the attacks were still ongoing.
"It's a completely different level from that of the Night Dragon attack that took place earlier this year. It was the attack on a particular sector. This is very, very broad. "
The shadow of operation called RAT - after the tool that security experts and hackers remote access used to gain remote access to computer networks - information from the five-year investigation considered a number of different organizations that thought might have been affected.
"From the log we were able to see where the traffic was coming," Samani said.
"In some cases, we were allowed to dive a little more and see if anything was taken, and in many cases, we found evidence that intellectual property (IP) had been stolen.
"The United Nations, Government of India, the International Olympic Committee, the steel industry, defense industry, including security companies have been forced to," he added.
Speculation in China
McAfee said he did not know what was happening in the information stolen, but could be used in existing products, or help to overcome the competitor, which represents a significant economic threat.
"This is what we call a spear-Phish attack, rather than trawling, in which they are intended for individuals within the organization," Samani said.
"E-mail sent to the person entitled to the level of access within the system, attached to the message was a piece of malware that is then executed, and the remote site open channel, giving them a chance.
"When they had access to an organization, or they were what we would call a" smash-and-grab "operation when they try to get as much information before they were taken, sometimes integrated into the network and [tried to] spread over different systems in an organization. "
Mr. Samani said that his company would "not make any assumptions about where it comes from," but China has seen many of the prime suspect in the industry.
Jim Lewis, a cybersecurity expert at the Center for Strategic and International Studies, quoted by Reuters news agency, saying it was "very likely that China behind the campaign because some of the objectives had information that would be particularly interest to Beijing. "
"Everything points to China. It could be the Russians, but there is more than points to China rather than Russia," said Lewis.
But Graham Cluley - a security researcher with Sophos is not so sure. He said: "Every time one of these reports comes out, people always point the finger at China."
He told BBC News: "We can not prove it in China does not mean that we should not be naive Every country in the world is probably using the Internet to spy ...
"After all, it's easy and profitable - but there are many different countries and organizations that might be."
Mr Cluley these companies often distracted by the very public actions and LulzSec anonymous group of activists who have hijacked online a number of high-level sites in recent months.
"Sometimes it is to steal public money or stealing your information. Is quietly stealing your information, you can have a very high political, military and financial support.
"In short, do not let your defenses," he said.
0 comments:
Post a Comment