[OWASP-Malaysia] Global Cyberattack Under Way For Years

Harisfazillah Jamel linuxmalaysia at gmail.com
Thu Aug 4 11:06:39 EDT 2011


http://techcentral.my/news/story.aspx?file=/2011/8/4/it_news/20110804104157&sec=it_news

NEW YORK: A computer security firm says cybercriminals have spent at
least the past five years targeting more than 70 government entities,
nonprofit groups and corporations around the world to steal troves of
data.

McAfee Inc said in a report on Wednesday that the attacks have
targeted a broad range of organisations, including the United Nations,
the International Olympic Committee and companies mostly in the United
States.

McAfee did not say who may be behind the attacks but believes the
culprit is likely a nation state.

The report is short on specifics, as the security firm is not naming
most of the victims, nor is it stating exactly what data were stolen.
Most of the victims are in the United States. Other victims were in
Canada, South Korea, Taiwan, Japan and nine other countries.

The report comes amid a surge in high-profile hacking cases in recent
months. Citigroup, Sony Corp, Lockheed Martin, PBS and others have
been targeted by hackers this year.

McAfee said the majority of those revelations have been the result of
"relatively unsophisticated and opportunistic exploitations for the
sake of notoriety by loosely organised political hacktivist groups,
such as Anonymous and Lulzsec."

But the threats McAfee's report focuses on are "much more insidious
and occur largely without public disclosures," wrote Dmitri
Alperovitch, vice-president of threat research at McAfee and the
report's author.

The key to these intrusions, he said, is that the perpetrator is
motivated by "a massive hunger for secrets and intellectual property."

UN spokesman Farhan Haq said McAfee had informed the United Nations
that its networks may have been targeted in a broad cyberattack
between September 2008 and December 2010.

He said the UN's technical staff in New York and Geneva are analysing
logs of network activity for those periods, looking for evidence of
such an attack.

International Olympic Committee (IOC) spokesman Mark Adams said that,
thus far, the attacks are "a claim being made by Mcafee" and that the
security firm's researchers "have yet to give us any evidence or
detail."

"We are unaware of the alleged attempt to compromise our information
security claimed by Mcafee," Adams said. "If true, such allegations
would of course be disturbing.

"However, the IOC is transparent in its operations and has no secrets
that would compromise either our operations or our reputation."

Although The Associated Press is not named in the McAfee report, the
company's research team has said that AP was a victim.

Paul Colford, a spokesman for The Associated Press, said the AP does
not comment on its network security. - AP

© 1995-2011 Star Publications (Malaysia) Bhd (Co No 10894-D)


------------------


OWASP DAY KL 2011 - Malaysia - The Open Web Application Security Project

Visit official website for detail and registration information

https://www.owasp.org/inde​x.php/OWASP_Day_KL_2011

Registration

https://www.owasp.org/inde​x.php/OWASP_Day_KL_2011#ta​b=Registration

or email to owaspday @ osdc dot my

OWASP Malaysia will host OWASP Day KL 2011 in Kuala Lumpur, Malaysia
from Sep. 20 to Sep. 21, 2011 and colloborate with UniKL & OSDCMY.


More information about the OWASP-Malaysia mailing list