U.S. Cybercops Caught Flat-Footed by Massive Global Cyberattack

Published August 04, 2011 FoxNews.com

Top U.S. cybercops were surprised by revelations of an unprecedented case of cyber-espionage -- a five-year-long hacking scheme from a single "state actor" that targeted U.S. government and U.N. computers as well as defense firms and private industries.

The spying was dubbed "Operation Shady RAT" by security firm McAfee, which uncovered the hacking -- and it led to a massive loss of information that poses a huge economic threat, security experts say.
"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," wrote McAfee's vice president of threat research, Dmitri Alperovitch.


His report claimed the spying came from a single, unnamed source widely believed to be China, but offered few details for others to verify and did not identify most of the 72 victims, 49 of which were American. And even McAfee said it was only guessing at what data was stolen. But a U.S. official familiar with cyberaffairs told FoxNews.com that the McAfee report is on target: "The report is fairly accurate. It's McAfee's report. It's pretty self-explanatory."

If accurate, the government appears to have learned of the systemic, multiyear cyberspying not from its own cyber-police but from the McAfee report, representatives from the Pentagon, the Department of Homeland Security, U. S. Cyber Command and others told FoxNews.com

"We became aware of the McAfee report I think today, which is when it was released to the press as well," said Janet Napolitano, secretary of the Department of Homeland Security, speaking Wednesday at an unrelated press conference. "We obviously will evaluate it and look at it and pursue what needs to be pursued."

The White House was briefed on the report by Alperovitch about two weeks ago, a U.S. official with knowledge of cyber issues told FoxNews.com. News of that briefing hasn't spread everywhere, however.
"We're aware of the report," White House spokesman Jay Carney said during a press briefing. "Detecting and blocking cyberintrusion is a key cybersecurity goal for this administration." But when asked exactly when the White House learned of the massive cyber-espionage ring, however, Carney replied, "I can only tell you that we are aware of it. I don't have a date for you."

Col. Rivers Johnson, the spokesman for U.S. Cyber Command at Fort Meade, told FoxNews.com the agency was doing it all it can to protect the country from cyberattacks.

"We have an active defense system in place to hunt within DoD networks and prevent infiltration. We are using all appropriate means right now as part of that active defense."

Indeed, the agency is prepared to expand its efforts if needed, Johnson said.

"We could be called upon to assist others if the President so directs," he told FoxNews.com.

Yet U.S. leadership in the growing field of cybersecurity has been a thorny issue. The country has seen dramatic turnover in leadership in the past few years, capped by the abrupt resignation of top cybercop Randy Vickers on July 22. Vickers had been director of the U.S. Computer Emergency Readiness Team, or US-CERT.

Phil Retinger, the Department of Homeland Security's head of computer crimes, quit in May of this year. In August of 2009, Melissa Hathaway, the interim White House cybersecurity czar, resigned for personal reasons. And Rod Beckstrom, the Department of Homeland Security's cyber-security chief, resigned in March of 2009.

The agency has faced a dramatic surge in cyberattacks in recent months. Secretary of Defense Bill Lynn revealed in a March speech outlining the Pentagon's new cyberstrategy that the Pentagon had recently suffered its largest ever cyberbreach -- with 24,000 data files stolen.

And earlier this year Lockheed Martin, maker of the F-35 stealth supersonic jet, revealed it was the victim of a cyber hack.

On March 17, NSA director Gen Keith Alexander who also serves as the head of the Pentagon's new Cyber Command, said that the military does not have the capacity to safeguard Pentagon networks from cyberattack.

He estimated that each year more than 300 million dollars of intellectual property is stolen through cyberattack. Others have put that figure at billions.

Reporting by Jennifer Griffin


Read more:

We really suck at cyberwarfare.

The Federal Gov't sucks at protecting American Interests. It acts as if it has no responsibility in this arena. The fed abdicates it's responsibility as with immigration.

(08-05-2011 05:22 AM)SumOfAllFears Wrote:  The Federal Gov't sucks at protecting American Interests. It acts as if it has no responsibility in this arena.

Yeah, I don't think we have taken any steps towards better cyber security have we? Didn't Obama say we would...?

Not only does it keep getting worse, they cannot even assess what is lost, or put a price of value lost.

(08-05-2011 05:24 AM)OrangeCrush22 Wrote:  Yeah, I don't think we have taken any steps towards better cyber security have we? Didn't Obama say we would...?

I see nothing in the McAfee report ( http://www.mcafee.com/us/resources/white...dy-rat.pdf ) that goes against the idea that we've made big strides under Obama. Now the whole study published by McAfee was based on just one operation by one specific actor (they "gained access to one specific Command & Control server used by the intruders" and watched it for five years to track the victims).

Using the data published by McAfee on this one operation, I charted active infiltrations by month:


And limiting to US-only, broken down between victim type:


Uploaded with ImageShack.us