Hacking scheme hit UN, U.S. and Canadian governments

A cyber security expert in Dallas, Texas, says hackers were able to get away with infiltrating governments around the world dating back to 2006 because they were using custom viruses that allowed them to do a lot of work in a very short period of time.

CTV News Channel: Gregory Evans, expert

A security expert with National Cyber Security in Atlanta says hackers usually leave behind a digital signature, just an IP address. He says the Chinese government is good at disguising IP addresses and that McAfee must have done a lot of work to track it back to them.

CTV News Channel: Scheme gains attention

A CTV News correspondent discusses a new report from McAfee, which reveals the existence of a major hacking scheme that persisted for years and went through private data around the world.

Watch: See all Videos in the Player

A A | Email This Email | Print | Comments (47) Tweet

This screen shot shows the McAfee website. McAfee Inc. said in a report Wednesday, Aug. 3, 2011, that cybercriminals have spent at least the past five years targeting more than 70 government entities, nonprofit groups and corporations to steal troves of data. (AP Photo)

View Larger Image

CTV News.ca Staff

Date: Wed. Aug. 3 2011 8:30 PM ET

A new report from McAfee reveals the existence of a major hacking scheme that persisted for years and pilfered data from governments and organizations from around the world.

The computer security company has dubbed the scheme Operation Shady RAT, which it believes was carried out by a single source. McAfee has found evidence that related attacks occurred as far back as July 2006, but there may be more that have yet to be uncovered.

Four Canadian targets were among the scheme's dozens of victims, which also included the U.S. government and ASEAN, the Association of Southeast Asian Nations.

McAfee says the Montreal-based World Anti-Doping Agency, an unnamed information technology company and two Canadian government agencies were targeted.

The attacks also struck the United Nations and the International Olympic Committee, as well as various defence contractors, local governments and two U.S. news organizations.

While well over half of the Operation Shady RAT targets were located in the United States, the hacking scheme also went after organizations in South Korea, Taiwan, Germany and India, among other countries.

The wide range of victims surprised McAfee staff, who warn that "virtually everyone" is falling prey to the type of intrusions detailed in the report.

"I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of victims rarely discovering the intrusion or its impact," Dmitri Alperovitch, the vice-president of threat research at McAfee, writes in the report.

McAfee says that such pervasive data theft operations are driven largely by the desire of foreign actors to obtain information that can provide competitive advantages.

"This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don't have anything valuable or interesting worth stealing," Alperovitch concludes in his report.

With files from The Canadian Press

Comments are now closed for this story

Chris
said
0 0

The main thing is that people are VERY NAIVE to not protect and use their computers properly. Most do not know to log into the computer, not as an administrator, but as a simple user only. Also, quit being so cheap as to use the free anti-virus programs... spend the money and keep yourself safe!!!

@Annoyedbypcilliterates
said
0 0

Every OS has back door exploits. Just Google "Back Door Exploit" to seee what I mean. Most viruses/exploits/trojans, BDE's are written by the very companies that sell the software to prevent infection by them. It's simply so much easier and therefore most cost effective to take advantage of the thousands of exploits in Windows. Writing a good OSX or Linux exploit would be too time consuming and too costly. I have OSX Macs and Vista PC's running in my house, all connected to the web 24/7. The PC's get Free AVG and the Macs get nothing. No viruses, no worms, no trojans in over 15 years. Personally, I'm annoyed by campy computer users who act like an operating system is their only child, not a bunch of code written by strangers for profit.

Bob Calgary
said
0 0

I had a brand new win7 pro notebook complete with current ESET anti-virus, ms security patches, java & adobe - all good right? Wrong - on internet I clicked one link about Disney embedding images in cartoons and boom - rootkit infected machine - had to reimage - and I'm a 25 yr IT pro.

AnnoyedByPCIlliterates
said
0 0

Ugh. It's funny seeing all these comments about people who claim to know the ultimate fix for not having an infected system.News flash: There are multiple ways to exploit Windows, Mac OS X as well as Linux.If there was no need for a security suite on Linux, why is ClamAV going strong? If there was no need for a security suite on MAC, why does Sophos, Norton, Avast and others offer their software to the mac population?Anything can and will be exploited, with or without the user's help.

CalgarySandy
said
0 0

Canada is not behind the 8 ball and never has been. Just because we don't bore the world telling everyone how great we are does not mean we are some backwater. We came through the latest, but not last, Recession almost unscathed. We were always in their with space technology. Blackberry, dying on the vine now, is Canadian. Fracting was invented in Calgary though the Yanks are, as usual, laying claim to it. For our population size we are doing nicely. It is not even necessary to be on the bleeding edge as long as you are in the boat.

Susan Fairbairn
said
0 0

It doesn't matter what kind of computer or Anti-Virus programme you use. All computers can be hacked into or infected if a hacker or virus creator is good enough. It's up to the individual computer users to be smart as to which Internet sites they go into and how they use their computers.

Justin
said
0 0

The reason why there are no viruses for linux/mac is because why make one that won't hit the majority of people? Once more and more people begin using other operating systems, viruses will emerge.

gregoryd
said
0 0

Hey if you can't beat em, join em, only do it first. Does anyone really believe the US is not doing the same thing. Actually probably most countries are except Canada. We are always behind the eight ball when it comes to inovation. One could say were nice but kinda slow when it comes to looking out for our interests. The saying goes: nice guy's finish last. You would think we would learn. Oh well maybe in the future eh.

Dave in F'ton
said
0 0

If the end user is blindly clicking on everything and engaging in unscrupulous behavior (i.e. piracy), it doesn't matter how much anti-virus protection you have. This is nothing but needless fear-mongering by a largely-irrelevant company trying to sell a few extra software licenses. Don't go where you shouldn't go and don't do what you shouldn't do. Oddly enough, if the majority of people listened to this kind of logic, we'd all be out of jobs in the IT sector.

Khrum
said
0 0

Good for them all I feel they deserve it.If it's so sensitive and you ALL know it can be hacked why using it in the first place?If you cant come with a safe way to block hacking time to find better ways.

Living Free
said
0 0

Avoid Windows! It is a Virus Magnet.No antivirus required for Linux. If you are new to Linux, try Linux Mint. Remember, Linux is Free, in both senses of the word. Actually you can add Free from viruses.

Outside the Windows
said
0 0

It's a pity that nobody mentioned that you could live virus free with LINUX. You don't need any antivirus software for it.

true canadian
said
0 0

Let's hope our government takes this matter up with China rather kissing their --s and selling them our resources in the name of foreign investment.And also hope that instead of talking tough to China(like they did with N.korea), they dont slap a information security tax on us.

Ron - IT Pro
said
0 0

Sam and Dave in F'ton, you both could not be more wrong, and its people like you that help spread viruses as you get them! As a working tech for many long years I can assure you that viruses will find you...without your help. If we build a new computer, put it online (insert cable and connect)and do nothing else, it is only a matter of typically minutes before it is attacked by some form of infection. Commonly referred to as "worms" these viruses find you, all by themselves by programming, your PC or MAC is a beacon once its online and its quite easy to find you...regardless of if your careful, doing something you shoudn't or not makes no difference. Both your beliefs are long dead myths of the 90's. Be aware that these days are different, if its connected, they can find you and its that simple. (Try AVG or NOD32, avoid Norton's or Mcafee). Mac's are just as vulnerable as anything else, in my opinion MAC has less experience dealing with threats then MS by a mile!

notconfucious
said
0 0

Any IT Security practitioner worth their salt can tell you that State sponsored activity such as this has been going on 24/7 for years now..timing of this report is the real story here.

Apple Lover
said
0 0

Time to switch to Macs :)

true canadian
said
0 0

i was reading international newspapers and some of them openly named republic of china behind this massive hacking scheme. Some of them have mentioned it as an 'state organised hacking' pointing towards china. China has already being blamed for bugging high tech. aircraft parts used by US air force and many countries have banned using 'made in china' equipment for telecom servers as they are bugged. Chinese companies are buying most of Africas resources and even trying to buy Canadian resources. Makes me feel suspicious, what they are upto. RISE UP CANADIANS, SAY NO TO CHINESE TAKEOVER. I hope Harper smartens up too.

Lila
said
0 0

Never use McAfee. Learned many years ago that it is definitely NOT a good AV program; switched to Norton and have had no problems since. Even the free AV programs are better than McAfee in my opinion.

The Next Terrorist Threat
said
0 0

False flag! They're increasing hacking and soon enough this will cover the news like terrorism does today. An excuse to regulate the internet and put a silence to all those who go against the status quo. They government wants to shut the down the internet and this is how their going to do it. Don't say I didn't warn anyone. The next enemy is hackers and how they'll hack into everything and take over airplanes that way too. A bunch of BS!

SVCR
said
0 0

Well said Jim-Surrey, McAfee is garbage even when you do manual updates they are slower than many others getting updates out to those that still use their software.Even free ones do a better job at that!!!!!!!!!!!Eventually the Mac attacks will start as hackers will get bored with how easy it is to get at Microsoft!!!

ITGuy
said
0 0

I see several possibilities here:The NSA is looking for terroristsThe CIA is looking for spiesChina needs more things to copyRussia is trying to win the OlympicsTerrorists are looking for stocks to buyMcAfee is trying to boost salesApple is trying to boost salesEverybody is looking for that edge to put themselves on top...it just does not work.

Nycole
said
0 0

Somebody should make a movie called "Operation Shady RAT". Great name!

Genius At Work
said
0 0

I'm no IT guy, but real quick, here goes. I won't use McAfee if it takes the four years to track this down. I'm thinking the hackers are pretty stupid and not really geeks. After all, c'mon, do you really think you can learn from a government? What do you steal, the How To Balance A Budget handbook? And the UN? Do you hack into their prized, How to Stabilize An Unruly Country?

Intelligent Liberal
said
0 0

They HACKED into the Canadian Government! What does Harper have to say about this breach of security? Nothing, he is too busy blabbing to the papers about the personal separatist views of the Leader of the Official Opposition, views based upon the sexual orientation of like minded Francophone unionized women in their late 60's.

adamis here
said
0 0

What really interests me about this story is that the CBC did not pick it up. The CBC has become increasingly sensitive to upsetting Chinese interests in Canada but has no qualms with challenging the British heritage of Canada. It makes you wonder how far we are going to go in loosing this country to foreign interests and cash before anyone grows a pair .At some point our government has to hold China responsible for these actions and treat them as acts of war. They are certainly as effective.

geebee
said
0 0

Electronic social disease.

Hire me
said
0 0

Is this report an advertisement for McAfee products? Imagine the billion dollar contract they could have with US and Canadian gouvernment.

Sam
said
0 0

Dave in F'ton is absolutely correct. The virus checker will only go so far, its all comes down to the users. All you mac users stop saying buy a Mac. There are viruses & spyware for everything. I've seen Macs with spyware Infested in them because users are brainwashed into thinking they are 100% safe. 90% of the computers I have repaired (virus wise) are because of the users going somewhere where they shouldn't have been (company computers).

alex
said
0 0

Anyone surprised? Have you seen the tech our government uses?

Ferrit
said
0 0

Get a Mac.Oh man do people really display their sad lack of intelligence by saying that still?Island girl. Your in for some serious surprises when the new Macdefender re surfaces. Oh and dont expect Apple to help you they still like telling their customers that exploits dont exist for mac

Prof. Pye Chartt
said
0 0

People. People. People. If Apple didn't manufacture the utopian computing devices you wouldn't see their products positioned on most Hollywood television shows and films. Obviously, the folks in Hollywood KNOW what is best for us all, and they are merely trying to inform us as to what we should have and use. Besides, the Microsoft guy is a chubby, right-wing geek. He's not cool like the Apple-Mac guy. Clearly, so many of you in this forum today don't understand basic computing. Apple products are secure from hacking and immune from viruses because, well, they're cool and, well, hackers and virus transmitters are also self-perceived as cool. Cool people don't violate other cool people. It's the law of the jungle, and applies to the world of computing. (I'm typing this comment on a Mac right now, and know what I'm talking about.)

HB
said
0 0

AV products are great for a large population, but for the few of us who know where they originate, its just as well not having a frustratingly annoying program running in the background hogging all CPU activity. I had Norton installed, man... I just won't get into it. I have been running my computer without AV for year now and once I had a problem with virus. But I enjoy not having one installed.

Dave in F'ton
said
0 0

The trick with viruses is you generally only get them if you're careless or doing something you shouldn't be doing.

PBW
said
0 0

Regardless of which AV program you use, if YOU fail to keep the virus signature file up-to-date it is your fault, not the maker of the AV program. And as the person complaining about McAfee updates should be aware, updates are automatic, frequently daily: time to upgrade, my friend, as you are obviously way out of date!

Craig from NS
said
0 0

I wonder why everyone here equates A/V programs with "Security". McAfee is a security company and it produces A/V software, but this only part of their product portfolio. A/V software is not the first/last line of protection for any computer. They only protect you from certain security threats, not all. P.S. Mac's have their niche, but they are not an enterprise class platform. (Un)fortunately, Windows rules the world in that category.

rvdinc
said
0 0

"Get a MAC" really, Really, come on now . A MAC is built on a open source OS. and requires better protection. Mcafee is the issue, why people use it is, I will never understand. TMS or Nortons.

James
said
0 0

In other news a Chinese official said that there was nothing to see here and that we should all continue to open email attachments from unknown senders.

How do you spell China
said
0 0

Smells like China has been busy lately!

Chris
said
0 0

What does using a mac have anything to do with viruses? are macs somehow infused with magical properties that protect it from viruses? the only reason there is not as many virus on mac is that a very small percentage of people that use macs, but they are far from immune, if more people used macs than windows pc's then there would be more viruses for mac

Scott (in AB Party Country)
said
0 0

Anti-virus programs are like choosing an automobile, one isn't necessarily better than the other it's just which do you like better, Chev? Ford?. Don't be fooled, in terms of AV software, the free ones do the job just as good as the pay ones.

IT Geek
said
0 0

Firstly - Get a MAC? The only way to accelerate a MAC is to throw it out of a window!Secondly - Trend better than McAfee? Get a life. I don't see any other A/V organization reporting this. Also if you're interested in rating an A/V organization try checking with Gartner who rates McAfee #1.

island girl
said
0 0

Get a Mac.

G. Hull
said
0 0

It's great how these days no one can do anything without a lot of armchair journalists dumping on it. McAfee releases a case study, on a topic for which they presumably have some expertise and insight, and people accuse them of fear mongering for the purposes of marketing. Had they not published, they would have been accused of a cover-up. They cannot win either way.

don Windsor
said
0 0

McAfee uncovers hacking scheme five-year after the fact, AGAIN!

Jim-Surrey
said
0 0

I find it strange McAfee can discover this YET their PC Security Software is the worst out there. Thanks to their lack of updates a virus hit me and their software didn't catch yet.A simple on-line scan from Trend Micro however did and removed the virus and that is a free scan. So now I rely on Trend Micro to keep me secure and they do a great job at it!!!

URU
said
0 0

Sounds like McAfee is losing money in their company stocks and this would be the best time to put fear in to consumers to buy more of their products to drive their sales. Good tactics but I don't think everyone will fall for this.

Paul
said
0 0

And those are the ones they know about. As my father always said, locks only stop honest people.