A widespread cyber-espionage campaign that stole government secrets, sensitive corporate documents and other intellectual property for five years from more than 70 public and private organizations in 14 countries has been uncovered by a McAfee researcher, Vanity Fair reported today.
The campaign, dubbed “Operation Shady RAT,” was discovered by Dmitri Alperovitch, vice president of threat research at the cyber-security firm McAfee. It continues today, he said. Alperovitch has briefed senior White House officials, government agencies, and congressional staff and is working with U.S. law enforcement to shut down the operation’s command-and-control server, according to the report.
“Operation Shady RAT ranks with Operation Aurora [the attack on Google and many other companies in 2010] as among the most significant and potentially damaging acts of cyber-espionage yet made public,” Michael Joseph Gross writes in the article.
It’s unclear exactly who is behind the operation, but Alperovitch believes it is state-sponsored, although he declined to speculate which country might be responsible. An educated guess might be China, given the targets. They include organizations in the U.S., most countries in Southeast Asia, but none in China, and many defense contractors. Also attacked were the United Nations, the World Anti-doping Agency, and the International Olympic Committee and Olympic committees in three countries, which were targeted before the 2008 Olympic Games in Beijing, according to the report.