Sign-up to receive weekly Defense email updates with news, commentary, photos, videos and more!
Focusing on the critical interplay of programs, policy, funding and operations to provide integrated intelligence and global perspective to defense and government leaders worldwide.
Aerospace Daily & Defense Report is relied upon for the latest, critical intelligence on programs, budgets and policies in defense, as well as military and civil space.
Unmanned Horizons is a dedicated section of AviationWeek.com's defense coverage of unmanned systems.
Access news, blog posts, videos, photos and other exclusive unmanned systems-related defense content.
Aviation Week is proud to announce its new Innovation Special Topic page supported by Booz Allen Hamilton.
Check out articles, white papers, interactive features and more related to aviation, aerospace and defense innovation.
Join defense leaders for the annual event focused on improving program performance! More »
Cyber-espionage represents “an existential threat from an economic perspective”, according to McAfee vice-president for threat research Dmitri Alperovitch. The company has just released a summary of its own cyber-intrusion, Operation Shady Rat, in which its own operators gained access to a command and control server (a remote access tool, or RAT) involved in cyberespionage. McAfee was able to read the server logs and determine what targets had been compromised through that access point since 2006. McAfee is “not in the business of pointing fingers”, Alperovitch says, but McAfee believes that the culprit was a “nation state actor”…That cyberespionage has compromised many targets is not news. What is different about Shady Rat is that it was McAfee’s own operation and can therefore be talked about. “The reason we released the report is that we have known about this, but have been constrained in what we could say. We discovered this independently so we had not signed agreements with the victims”. Of the many targets in the log, 72 could be identified. Thirteen were defense contractors, 22 were government agencies and 12 were international organizations, and the balance were private industries ranging from real estate and construction to energy. Some targets were on supposedly secure government networks. Three US defense contractors were compromised by intrusions that lasted 20 months or more. “News reports are calling this the biggest cyber attack in history,” says Alperovitch. “But what we found was one server. This particular nation controls thousands of servers.” The information that was targeted also yielded surprises. Along with national secrets, the adversary was after commercial information such as contracts and bid data – with a clear intention, Alperovitch says, to gain the upper hand in competitive bidding. There are two big issues, Alperovitch says. One is the “sheer scale and magnitude” of the operation, “a wholesale transfer of intellectual property … They are using our resources for their R&D.” That, and the ability to compromise bid data, can cause “a direct loss of jobs.” The other is the potential for “escalation from espionage to cyber network warfare. The difference between escalation and attack may be a click of a button.” But the massive attack is “largely unnoticed because nobody is reporting it,” Alperovitch says. Most of the attack victims, commercial and government alike, requested that they not be identified. The attitude, says Alperovitch, is “I must have done something wrong if I’ve been compromised.” He adds: "I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know."
Tags: ar99, cyber, china