trending:

sponsored:

Just In

More News Load more
Technology

Huge cyber-attack targets United Nations, defense contractors

by Gautham Nagesh - 08/03/11 5:52 PM ET
by Gautham Nagesh - 08/03/11 5:52 PM ET

More than 70 government organizations and corporations in 14 countries have been targeted in a cyber-attack identified by the security firm McAfee. 

The attack appears to have begun in 2006, and resulted in data theft from a wide range of organizations.

Operation Shady RAT (Remote Access Tool), as the attack has been dubbed, appears to have affected the United Nations, a Department of Energy lab and the International Olympic Committee as well as numerous local governments and defense contractors.

{mosads}”Although Shady RAT’s scope and duration may shock those who have not
been as intimately involved in the investigations into these targeted
espionage operations as we have been, I would like to caution you that
what I have described here has been one specific operation conducted by a
single actor/group,” said McAfee vice president of threat research
Dmitri Alperovitch.

“This is a problem of massive scale that
affects nearly every industry and sector of the economies of numerous
countries, and the only organizations that are exempt from this threat
are those that don’t have anything valuable or interesting worth
stealing,” he said.

Experts have suggested the attack may have been engineered by a foreign nation, with China appearing the most likely source. Many of the organizations targeted in the attack have already secured their systems, but portions of the data collection continue today.

Alperovitch said his firm was able to gain a log of victims since mid-2006 by accessing one of the servers used in the attack, though the snooping might have begun earlier. He said the actual attack was fairly standard: a spear-phishing email with a virus sent to an employee with the right amount of access.

Once the employee opens the message, their machine will download the malware, which then opens a backdoor into the system accessible from the outside servers. Soon after, live intruders will access the infected machine to expand its access and compromise other networked devices.

Tags

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts

Main Area Top ↴

Video/Hill.TV

See all Hill.TV

See all Video

See all Hill.TV See all Video
Main Area Bottom ↴

Top Stories

See All

See All
Sidebar Top ↴

Most Popular

  1. Marjorie Taylor Greene stumps for Steve Bannon as he reports to prison
  2. Housing costs have nearly doubled in swing states since 2020
  3. Potential cause of lupus may be identified: Study
  4. Evictions rising across Southwest, dropping in Northeast: Data
Load more
Sidebar Middle ↴

The Hill Podcasts

Sidebar Middle ↴

People – Custom HTML – Sidebar Bottom – Any Person

SIDEBAR BOTTOM
Read next >
Read next >
Next
Read next >
Next story in
Read next >
Next story in