According to a Reuters report on Wednesday, security company McAfee believes it has uncovered the largest series of cyber attacks yet, with 72 big organizations from around the world hit. McAfee said it thought a single “state actor” perpetrated the intrusions, and though it refused to name names, Reuters said that “one security expert who has been briefed on the hacking said the evidence points to China.”
Among the victims are the governments of the US, Taiwan, India, South Korea, Vietnam and Canada; the United Nations; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and a large number of companies, including those in the defense and high-tech industries.
The ongoing attacks are believed to have been carried out over a period of five years, beginning in 2006. McAfee discovered the extent of the intrusions in March of this year.
The company said that hackers had, for example, infiltrated the computer system of the UN Secretariat in Geneva three years ago, hiding undetected for some two years while secretly examining vast swathes of confidential data.
McAfee believes some of the security breaches lasted a month while one, on the Olympic Committee of an unnamed Asian nation, continued sporadically for almost two-and-a-half years.
In a report issued by McAfee on Wednesday that was examined by Reuters, Dmitri Alperovitch, the security company’s vice president of threat research, wrote: “This is the biggest transfer of wealth in terms of intellectual property in history. The scale at which this is occurring is really, really frightening. Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators.”
He continued: “What is happening to all this data … is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat.”
And evidently in no mood to mince his words, he added: “Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors.”
All of the victims have been notified by McAfee and are now in touch with local law enforcement agencies.
Recent cyber attacks by hacking groups Anonymous and LulzSec have been getting a lot of attention, but they somehow pale into insignificance when put up against the scale of this latest, more sinister, mass security breach, carried out by what McAfee is calling one “state actor.”
- 2018 Winter Olympic Games have been hacked, organizers confirm
- Companies are sorry about security flaws. Just not sorry enough to change
- Federal investigation into Equifax hack said to wither, even with more data exposed
- ZTE and Huawei respond to intelligence agency warnings over security risks
- Japan to crack down on cryptocurrency exchanges after high-profile hacks