
Major cyber-espionage operation exposed

Elinor Mills CNET News | August 3, 2011 7:58 AM PDT

Summary

"Operation Shady RAT" stole government secrets, sensitive corporate documents, and other intellectual property for five years from more than 70 public and private organizations in 14 countries.

A widespread cyber-espionage campaign stole government secrets, sensitive corporate documents, and other intellectual property for five years from more than 70 public and private organizations in 14 countries, according to the McAfee researcher who uncovered the effort. The campaign, dubbed "Operation Shady RAT" (RAT stands for "remote access tool"), was discovered by Dmitri Alperovitch, vice president of threat research at the cyber-security firm McAfee.

While most of the targets have removed the malware, the operation continues, according to McAfee, which gained access to a crucial command-and-control server used by the attackers and has been monitoring the logs since 2006. Alperovitch has briefed senior White House officials, government agencies, and congressional staff and is working with U.S. law enforcement to shut down the operation's command-and-control server, according to Vanity Fair.

Typically, a target would get compromised when an employee with necessary access to information received a targeted spear-phishing e-mail containing an exploit that would trigger a download of the implant malware when opened on an unpatched system. The malware would execute and initiate a backdoor communication channe http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat

For more on this story, read Global cyber-espionage operation uncovered on CNET News.

6
Comments

"... according to McAfee, which gained access to a crucial command-and-control server used by the attackers ..."

So who was spying on who here?
0 Votes
The article says "unpatched systems" were compromised. How long was the exploit patched before the attacks occurred? It's hard to believe that defense contractors and government officials work on computers missing updates.
0 Votes
@Bookmark71
It only takes one unpatched system. The key element here is not "unpatched systems" (although every computer in a network should obviously be patched) but rather a determined attacker. If someone is determined and smart enough, they will *always* find a way in. IMHO what is lacking is a quick intrusion detection/response time. At my company many of our response systems are automated to (at least) block detected malicious computers, and usually alert an admin who can look at what is going on and respond appropriately. The real killer in this article is the companies that don't know they have been compromised. That is poor security on their part, and can equate to a coup de grâce for any company.
0 Votes
McAfee marketing
guihombre 3rd Aug
"Operation Shady RAT", nice marketing name. "operation's command-and-control server"... rename the botnet server with a more military sounding name.

"cyber-espionage campaign stole government secrets, sensitive corporate documents, and other intellectual property for five years from more than 70 public and private organizations in 14 countries"

Welcome to the Internet, all your servers are attacked all the time to get everything from them that might be worth selling.

"targeted spear-phishing e-mail containing an exploit that would trigger a download of the implant malware when opened on an unpatched system."

Blinding them with buzz-words. Yes McAfee, we get it, you want military money to compensate for a diminishing anti-virus market. Windows 7 is far better at basic security and so the anti-virus market just isn't what it was.
So an irritating little botnet attempt that you've simply watched for 5 years and done nothing, suddenly becomes a cyber-threat, with a "command and control" center... blah blah blah.

Go away you scaremongering little creeps and make a new product instead of trying to exaggerate threats to keep an old product alive.
0 Votes