The possibility of a nation such as China engaged in large-scale cyber-espionage through APT attacks came up again last week.
In a report entitled "Revealed: Operation Shady RAT," McAfee says evidence it got from a server out on the Internet shows 72 businesses and government agencies, most in the U.S. but from several other countries as well, have suffered APT infiltrations since 2006. McAfee says the attacker is probably a "nation-state," but it didn't point to any particular country.
McAfee's "Revealed: Operation Shady RAT" only names a few of the victims, including the World Anti-Doping Agency in Montreal, the Asian and Western national Olympic Committees, and the United Nations, along with the Association of Southeast Asian Nations.
Dmitri Alperovitch, vice president of threat research at McAfee labs, says McAfee has tried to reach those it believes were targeted based on the log evidence from the server it gained "legally" in March. "Some IP addresses are very clear, they're the firewall of an organization," Alperovitch says.
The intention of the McAfee report is to show that "someone is going to a tremendous amount of effort to compromise these computers," he says. Alperovitch says the APT server in question is still in operation, and there are "hundreds if not thousands" of these servers designed to coordinate siphoning of sensitive data. The theft of intellectual property taking place represents a "massive transfer of wealth that is happening," he says, as some infiltrator -- probably a "nation-state" -- tries to gain economic advantage by chipping away at the economic advantage others may have.
Read more about wide area network in Network World's Wide Area Network section.