Report Documents Widespread Cyberattacks
August 3, 2011 by UPI - United Press International, Inc.
SANTA CLARA, Calif., Aug. 3 (UPI) — A U.S. computer security firm said its analysis of computer hacking of more than 70 corporations and government entities shows it came from “nation-state.”
MacAfee computer security firm used logs produced by one server to trace cyberattacks on entities such as a news service, the U.N. secretariat, a U.S. Energy Department lab, defense firms and the International Olympic Committee, The Washington Post reported Tuesday.
McAfee said hundreds of other servers were used by the same adversary, which the company did not name.
“We’re not pointing fingers at anyone but we believe it was a nation-state,” Dmitri Alperovitch, McAfee’s vice president of threat research and the lead author of the report, told The New York Times in a telephone interview.
U.S. corporate and government entities represented 49 of the 72 targets, McAfee said. Governments, companies and organizations in Canada, Japan, South Korea, Taiwan, Switzerland and Great Britain also were targeted multiple times.
While McAfee, based in Santa Clara, Calif., declined to name a likely source, James A. Lewis, a Center for Strategic and International Studies cybersecurity expert, told the Post “the most likely candidate is China.”
The log’s emphasis on Taiwan and Olympic organizations before the Beijing Games in 2008 “points to China,” he said. “This isn’t the first we’ve seen. This has been going on from China since at least 1998.”
Another computer expert knowledgeable about the study also told the Post the hacks appear to have come from China.
Forty-nine of the 72 hacked organizations were in the United States.
“After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators,” Alperovitch wrote.
The earliest cyberassaults dated to mid-2006, although McAfee said other intrusions may still be undetected. The duration of the attacks ranged from a month to 28 months.
What happened to the data remains “largely an open question,” Alperovitch said in the report. “However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation, the loss represents a massive economic threat.”