Massive global cyberattack hits US hard: Who could have done it?
Cybersecurity firm McAfee says it infiltrated a 'command and control' server with detailed logs of five years of cyberattacks against targets ranging from the US government to the World Anti-Doping Agency. McAfee suggests a country was behind it. Experts suspect China.
(Page 2 of 3)
These latter instances “potentially pointed a finger at a state actor behind the intrusions, because there is likely no commercial benefit” behind such hacks, the McAfee report said. The cyberspies also targeted the computer networks of political nonprofits, private Western groups that promote democracy, and a US national security think tank. Beside the UN, the ASEAN (Association of Southeast Asian Nations) was also hacked.Skip to next paragraph
Subscribe Today to the Monitor
Even though McAfee did not name the country believed to be behind the attacks, their scope, targets, and technical skill left other cyberexperts strongly suspecting a nation frequently cited as the perpetrator behind many cyberespionage probes: China.
China at 'top of the list'
“China rises to the top of the list of nations that could do this," says James Lewis, a senior fellow and director of the Technology and Public Policy Program at the Center for Strategic and International Studies in Washington. "This fits precedent with other attacks we've seen. It's not conclusive, but who else cares this much about Taiwan?"
The McAfee report also cited but did not name a news organization whose New York and Hong Kong bureaus were targeted in 2009. The Associated Press, which was earlier reported to be the target of similar information grabbing attacks in the past, would not confirm the reports or comment on them, spokesman Jack Stokes told the Monitor.
Yet the vast loss of information to this particular cyberthief represents just a fraction of the total stolen each year from networks worldwide in what has become an enormous drain on the competitive edge that has long undergirded US and other developed nations' economies.
“This report only hints at the massive loss of information being downloaded each year,” says Scott Borg, chief economist of the US Cyber Consequences Unit, a research organization. “All the stuff being sucked out of these companies is a real worry. Not all of it is intellectual property, but it’s a lot of stuff nonetheless vital to these companies.”
Mr. Borg estimates the loss to such thefts at $6 billion to $20 billion annually for the US alone. That loss could be far higher, except that the perpetrators have a limited capacity to digest the specialized information and capitalize on it, he says.
MONITOR QUIZ: How much do you know about cybersecurity?