Dark Reading
Protect The Business - Enable Access
Find out how attackers can avoid intrusion prevention systems and gain access to your data. Download now!
Report: 'Operation Shady RAT' Attacks Hit 70 Organizations In 14 Countries
McAfee report on a massive cyberespionage campaign has been under way for five years against national governments, global companies, nonprofits, and others, Vanity Fair reports By Kelly Jackson HigginsDark Reading
The so-called "Operation Shady RAT," which is detailed in a new report by McAfee, has mostly hit U.S.-based organizations and government agencies (49 of the 70 victims), but government agencies in Taiwan, South Korea, Vietnam, and Canada are among its victims, as are organizations in Japan, Switzerland, the U.K., Indonesia, Denmark, Singapore, Hong Kong, Germany, and India, according to the Vanity Fair article. Some 14 U.S. Defense contractors are among the targets, as is the International Olympic Committee, the United Nations, the World Anti-Doping Agency, and the Association of Southeast Asian Nations.
According to the report, the attackers have lifted sensitive government information, email, legal contracts, and design documents. Dmitri Alperovitch, vice president of threat research at cybersecurity firm McAfee, reportedly first caught wind of the attacks in 2009 during a forensics investigation of a U.S. defense contractor client. The attack began with a spear-phishing e-mail message that included a URL that, when visited, downloaded a remote access tool onto the victim's machine. That provided a foothold for the attackers to get inside and siphon information from the victim's organization
The report highlights just how "persistent" these APT attackers are: Some victims were under attack for two years, according to McAfee.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
Subscribe to RSSAdvanced Threats Reports
How Did They Get In? A Guide to Tracking Down The Source of an APT
If you think that your organization hasn't been affected by an advanced persistent threat, you probably haven't looked hard enough. Identifying that your organization is under attack is difficult enough; determining the scope of infiltration and damage presents a whole new level of challenge. To effectively protect against APTs, security pros will need to employ an arsenal of tools in a coordinated fashion, as well as develop new understandings of and approaches to system and data exploits. Here's a short and simple guide to this challenge.
Detecting and Defending Against Advanced Persistent Threats
APTs are a growing problem for enterprises big and small. Protecting your organization from these targeted threats
requires constant vigilance, ongoing employee training and a concerted effort to align security systems to address
every phase of an APT. Companies also need to develop a remediation and response plan if, despite best efforts, defenses are breached.
Smarter, Stealthier, Sneakier Malware
Increasingly sophisticated and targeted attacks are making it more difficult for organizations to detect
and defend against the latest malware. In this compendium of recent coverage from Dark Reading, you?ll get a look at some of the newest -- and most dangerous -- malware on the Web, and what you can do to stop it.
Other reports from the Advanced Threats Tech Center:
Related Content
| Sponsored by: |  |
MOBILE SECURITY - Mapping an Ecosystem of Risk
This white paper highlights the various considerations for defending mobile applications-from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
Software Security Delivered in the Cloud
This Solution Guide details the automated, turnkey service that requires no special security assessment expertise. It details HP's market-leading static and dynamic analysis technologies that help organizations worldwide gain insight into the security state of their essential business applications.
SANS Mobility/BYOD Security Survey
This survey, which includes input from more than 500 IT professionals, explores how organizations are managing risk around their end user mobile devices as well as what level of policies and controls enterprises have around mobile usage.
Expert Guide to Application Security - Real-time Hybrid Analysis
Explore the next generation of hybrid security analysis - what it is, how it works, and its benefits. This white paper details how hybrid application security enables organizations to resolve critical software security issues faster and at a lower cost than any other available technology.
A Mainstay Partners Study: Does Application Security Pay?
Measuring the Business Impact of Software Security Assurance Solutions: a study of 17 organizations that implemented solutions from Fortify Software, combining industry research and benchmark analysis to identify, qualify, and quantify the full range of benefits seen from their SSA investments.
Advanced Threats Newsfeed
- McAfee and Intel Announce Critical Infrastructure Protection
- Infrax Systems (IFXY) Launches Smart Grid's SPIDer
- DOD Announces Expansion Of Defense Industrial Base Voluntary Cybersecurity Information Sharing Activities
- Wurldtech Provides Testing Accreditation For Siemens CERT Lab
- ACTi And Twonky Directory Traversal Vulnerabilities Disclosed By Digital Defense
- IBM Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks
MORE NEWSFEED >>>
- Protecting End Users Against Emerging Threats
- The Business Value of Data Quality – Getting the Most out of Your Investments in Data Warehousing and Data Analytics
- Supporting an Enterprise-wide Data Archive and Retention Strategy
- Forrester Total Economic Impact study of Midrange Storage
- Top 10 Reasons to Put Your Phone System in the Cloud
