Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organisations including the United Nations, governments and companies around the world.
The security company McAfee, which uncovered the intrusions, said it believed there was one “state actor” behind the attacks but declined to name it. One security expert who has been briefed on the hacking said the evidence pointed to China.
The long list of victims in the five-year campaign includes the governments of the US, Taiwan, India, South Korea, Vietnam and Canada; the Association of South-east Asian Nations ; the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies from defence contractors to high-tech enterprises.
In the case of the UN the hackers broke into the computer system of the secretariat in Geneva in 2008, hid there unnoticed for nearly two years and quietly combed through reams of secret data, according to McAfee.
“Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators,” McAfee’s vice-president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.
“What is happening to all this data … is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat.”
McAfee learned of the extent of the hacking campaign in March this year when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defence companies.
Alperovitch said McAfee had notified all the 72 victims of the attacks, which are under investigation by law enforcement agencies around the world. He declined to give more details, such as the names of the companies hacked.
Jim Lewis, a cyber expert with the Centre for Strategic and International Studies, was briefed on the discovery by McAfee. He said it was very likely that China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.
The systems of the IOC and several national Olympic committees were breached in the run-up to the 2008 Beijing Games, for example. And China views Taiwan as a renegade province – political issues between them remain contentious even as economic ties have strengthened in recent years.
“Everything points to China. It could be the Russians but there is more that points to China than Russia,” Lewis said.
He added that the US and Britain were capable of pulling off this kind of campaign but “we wouldn’t spy on ourselves and the Brits wouldn’t spy on us”.