“World’s Largest Global Hack Ever” of Nonprofits and Governmental Entities

The Nonprofit Quarterly is reporting that “the computer security company McAfee has issued a 14-page report describing what is being called the world’s largest ‘global hack’ ever.” Bloomberg is calling it a “Hacker Armageddon” that will force security software companies to revamp.

The revealing of this 5 year long series of attacks on governmental and nonprofits has caused many to step forward to claim that while there were attacks sustained, their networks are secure, such as the World Anti-Doping Agency reported to the Associated Press in the Washington Post. 

McAfee is calling the hacking campaign “Operation Shady RAT” (an apt acronym for “remote access tool”) and has traced activity back to 2006 across 72 global organizations across 14 countries that appear as widespread as the United Nations, the International Olympic Committee, two unnamed think tanks, one political nonprofit, Lockheed and RSA Security, among others. The details show that the hackers had access for months in some cases.

The director of malware research for Dell SecureWorks, Joe Stewart, traced the activity to networks in Beijing and Shanghai according to PCWorld. The Chinese government is denying involvement and saying it is not responsible for the accessing of hundreds of Gmail accounts. Google announcedin June that it had disrupted a targeted phishing campaign designed to hijack Gmail accounts belonging to governmental, military, and activist individuals.

McAfee has made a distinction between the RAT group and the recent wave of less sophisticated attacks from cyber activist groups such as Anonymous and LulzSec in its report. The report continues to note, “what we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth – closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics and much more…” A few pages later the report continues, “After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators.”

McAffee states that its goal in releasing this report, including specific names of entities that were targeted, is to raise the level of public awareness – especially since voluntary disclosures from victims is unlikely. Written by Dmitri Alperovitch, McAfee’s VP of Threat Research, the report ends with the quote “This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing.”