Operation Shady RAT': World's Biggest Hacking Operation Hails from China?

You would think that the world's largest hacking operation to date might possess a rather sinister sounding name. Or, it could just be called "Operation Shady RAT." RAT standing  for "remote access tool," a type of software used by hackers to access networks from remote locations.

Shady RAT, which appears to have been born and raised in China, has reportedly infiltrated the networks of some 72 organizations over the last five years, including the United Nations, state governments and various companies around from the world. While the internet security firm McAfee uncovered the breaches, it has declined to name the culprits. But other security experts are pointing the finger at China.

During its assault on networks worldwide, some of Shady Rat's victims allegedly include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an assortment of companies, from reportedly defense contractors to the high-tech industry.

Reuters gives us some of the details:

In the case of the United Nations, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years, and quietly combed through reams of secret data, according to McAfee.

"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.

"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat."

McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

...

Some of the attacks lasted just a month, but the longest -- on the Olympic Committee of an unidentified Asian nation -- went on and off for 28 months, according to McAfee.

...

"This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."

But where does China come in? According to Jim Lewis, a cyber expert with the Center for Strategic and International Studies, China is the most likely suspect because it had the most to gain. Lewis alleges that some of RAT's targets posessed information that would be of particular interest to Beijing.

Reuters explains:

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.

Watch the special report below: