p2pnet view – P2P | Security | Politics :- Yesterday we ran an item stating the latest in a long list of a shlock-horror reports from the online ’security’ company McAfee claims two Canadian government agencies’ computer systems were infiltrated as part of a ‘massive global cyber attack spanning at least five years’ and, probably perpetrated by a foreign government
The ‘revelationse’ were also carried by various lamescream media outlets, which probably should have been more circumspect, given the source.
Among them was VanityFair under the heading ‘Exclusive: Operation Shady rat—Unprecedented Cyber-espionage Campaign and Intellectual-Property Bonanza kicking off with: “Here, Vanity Fair’s Michael Joseph Gross breaks the news of Operation Shady rat’s existence—and speaks to the McAfee cyber-security expert who discovered it … “McAfee cyber-security expert.
Gross goes on: “When the history of 2011 is written, it may well be remembered as the Year of the Hack.
“Long before the saga of News of the World phone hacking began, stories of computer breaches were breaking almost every week. In recent months, Sony, Fox, the British National Health Service, and the Web sites of PBS, the U.S. Senate, and the C.I.A., among others, have all fallen victim to highly publicized cyber-attacks. Many of the breaches have been attributed to the groups Anonymous and LulzSec. Dmitri Alperovitch, vice president of threat research at the cyber-security firm McAfee, says that for him, “it’s been really hard to watch the news of this Anonymous and LulzSec stuff, because most of what they do, defacing Web sites and running denial-of-service attacks, is not serious. It’s really just nuisance.”
“’Just nuisance,” that is, compared with a five-year campaign of hacks that Alperovitch discovered and named Operation Shady rat—a campaign that continues even now, and is being reported for the first time today, by vanityfair.com, and in a lengthier report on the larger problem of industrial cyber-espionage in the September issue of Vanity Fair. Operation Shady rat ranks with Operation Aurora (the attack on Google and many other companies in 2010) as among the most significant and potentially damaging acts of cyber-espionage yet made public. Operation Shady rat has been stealing valuable intellectual property (including government secrets, e-mail archives, legal contracts, negotiation plans for business activities, and design schematics) from more than 70 public- and private-sector organizations in 14 countries. The list of victims, which ranges from national governments to global corporations to tiny nonprofits, demonstrates with unprecedented clarity the universal scope of cyber-espionage and the vulnerability of organizations in almost every category imaginable. In Washington, where policymakers are struggling to chart a strategy for combating cyber-espionage, Operation Shady rat is already drawing attention at high levels. Last week, Alperovitch provided confidential briefings on Shady rat to senior White House officials, executive-branch agencies, and congressional-committee staff. Senator Dianne Feinstein (D-CA), chairman of the Senate Select Committee on Intelligence, reviewed the McAfee report on Shady rat and wrote in an e-mail to Vanity Fair: “This is further evidence that we need a strong cyber-defense system in this country, and that we need to start applying pressure to other countries to make sure they do more to stop cyber hacking emanating from their borders.” McAfee says that victims include government agencies in the United States, Taiwan, South Korea, Vietnam, and Canada, the Olympic committees in three countries, and the International Olympic Committee. Rounding out the list of countries where Shady rat hacked into computer networks: Japan, Switzerland, the United Kingdom, Indonesia, Denmark, Singapore, Hong Kong, Germany, and India. The vast majority of victims—49—were U.S.-based companies, government agencies, and nonprofits. The category most U.S.-based companies, government agencies, and nonprofits. The category most heavily targeted was defense contractors—13 in all.
Now, “Two security companies are questioning claims that a cyber espionage campaign uncovered by a rival firm was sophisticated or even extraordinary, says, Computerworld, Going on, “In its report, McAfee said it was “surprised by the enormous diversity of the victim organizations” and ‘taken aback by the audacity of the perpetrators.’
But,’Shady RAT’ hacking claims overblown, say security firms
“Not sophisticated, certainly not out of the ordinary, argue McAfee rivals,” says the story. Oh dear! The story adds,
“What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth,” said McAfee, referring to the now-nearly-constant attacks on Western companies and organizations by campaigns like Shady RAT.
“Moscow-based Kaspersky Lab on Thursday begged to differ, saying that McAfee has simply not provided enough information to justify the claims being bandied about.”The report contains nothing on what particular data has been stolen or how many computers in each organization were hit by the attacks,” said Alex Gostev, Kaspersky’s chief security expert. “Until the information in the McAfee report is backed up by evidence, to talk about the biggest cyber attack in history is premature.”
Jon Newton – p2pnet