In-Depth

Dire Warning from McAfee Security Specialist

A new report from security specialist McAfee warns that the information security sky is nigh on falling.

• By Stephen Swoyer
• 08/15/2011

A new report from security specialist McAfee warns that the information security sky is nigh on falling. This isn’t overstating the case, either.

McAfee bills its new report -- Revealed: Operation Shady RAT -- as an assessment of targeted intrusions at more than 70 organizations over the last half-decade. Citing the success of efforts such as “Operation Aurora” (an intrusion that targeted several organizations, including Google Inc.) and “Night Dragon,” author Dmitri Alperovitch reaches an especially sobering conclusion.

Everyone, he says, will be compromised. “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised ... or will be shortly,” writes Alperovitch, vice president of threat research with McAfee.

Most victims, he continues, won’t even discover that they’ve been compromised. “I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.”

One upshot of this is that valuable information has fallen into the wrong -- or into undeserving -- hands. What’s especially vexing, according to Alperovitch, is that because so many organizations don’t yet know they’ve been compromised, we can’t even guess as to just how valuable, or just how dangerous, this information might be.

“What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth -- [i.e.] closely guarded national secrets ... including from classified government networks ... source code, bug databases, [e-mail] archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, [and] design schematics,” he writes.

From a business perspective, Alperovitch continues, this represents a potentially staggering loss. “If even a fraction of [this information] is used to build better competing products or beat a competitor at a key negotiation ... due to having stolen the other team’s playbook ... the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth,” he explains.

Alperovitch’s study assesses 72 different targets, including six U.S. federal government targets; 13 defense contractors; and two companies that specialize in satellite communications. What’s perhaps most sobering of all, he says, is that all of these exploits were perpetrated by the same entity or group.

“What I have described here has been one specific operation conducted by a single actor [or] group. We know of many other successful targeted intrusions … not counting cybercrime-related ones ... that we are called in to investigate almost weekly, which impact other companies and industries,” he concludes.

“This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing.”