McAfee study: Five year cyber attack hit governments, businesses and multinational power companies
SUBNET Solutions Inc | Wednesday, August 03, 2011
Though many companies have shrugged off the ability of cyber security hackers to infiltrate their computer security networks, a report released by cyber security experts illustrates how vulnerable the U.S. is to cyber security attacks.
According to a report from The New York Times, U.S.-based McAfee, which is one of the globe's largest cyber security firms, released a report this week that showed how U.S. critical infrastructure protection (CIP) systems and the cyber security networks of other high-profile organizations were easily infiltrated by hackers over the past five years.
The large-scale cyber security attack lasted for more than five years, according to McAfee researchers, and was exceedingly sophisticated in scope and intention. In fact, during the attack hackers breached the defense networks of a number of government agencies across the globe, along with the United Nations and some of the biggest businesses in the U.S.
In their report, McAfee analysts affirmed that a government body was likely behind the attacks, though they refused to say which country was at fault. Industry experts assert that McAfee is keeping mum on the responsible for a number of reasons: For one, it is extraordinarily difficult to pinpoint the origins of a cyber security infiltration and for another, the company could fuel tensions if it were to reveal the perpetrators.
Still, the cyber security attack was singular in that it was methodically planned and executed, McAfee vice president of threat research and lead author of the report Dmitri Alperovitch said.
"We're not pointing fingers at anyone but we believe it was a nation-state," he said during a telephone interview on Wednesday.
According to McAfee's team of researchers, the U.S. is unevenly targeted by hackers from around the globe when compared to the number of attacks aimed at other governments. In fact, organizations operating in the U.S. represented 49 of the 72 attacks discovered by McAfee, according to the report.
Aside from the U.S., the United Nations, organizations in Canada, Japan, South Korea, Taiwan, Switzerland and Great Britain and the International Olympic Committee were targeted, USA Today reports.
The research revealed such wide spread cyber security infiltrations that even the researchers conducting the work were surprised, according to Alperovitch.
"After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," he stated in the report.
McAfee officials said that they released the report to coincide with the hacker convention Defcon that began this week in Las Vegas. Many of the organizations that McAfee's researchers claim were breached were unaware that their security networks had been infiltrated. This, according to industry experts, illustrates the vulnerability of many cyber security networks.
Businesses and governments stand to lose heavily from cyber security breaches. While many organizations are seemingly unaware of the permeability of their cyber defense protocols, hackers are easily pilfering mountains of data that they can then use to develop superior products or give them an advantage in negotiations, experts contend.
Earlier in the year McAfee released a report that stated at least five multinational oil and gas companies had suffered hacking attempts. As the U.S. moves to upgrade its power supply network, public officials and industry analysts have voiced their concerns regarding the relatively lax oversight many utilities have exerted over their computer networks.
The latest report from McAfee, however, has prompted many officials at both private and public organizations to rethink their approach to cyber security.
Substation Cyber Security
Substation Automation & Remote Access