NPR logo

McAfee Releases Report On Hacking Project

  • Download
  • <iframe src="https://www.npr.org/player/embed/138962415/138962549" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
McAfee Releases Report On Hacking Project

Technology

McAfee Releases Report On Hacking Project

McAfee Releases Report On Hacking Project

  • Download
  • <iframe src="https://www.npr.org/player/embed/138962415/138962549" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

McAfee, the computer security company, has released a report on a five-year hacking project that has been stealing information such as government secrets, e-mail archives, legal contracts and business strategy plans from more than 70 public- and private-sector organizations in 14 countries. The list of victims ranges from national governments to global corporations to tiny nonprofits. Many suspect China is the hacker.

MELISSA BLOCK, host: From NPR News, this is ALL THINGS CONSIDERED. I'm Melissa Block.

MICHELE NORRIS, host: And I'm Michele Norris. The cyber security firm McAfee has released a report about a massive cyber-attack. Hackers hit more than 70 corporations, nonprofits, government agencies, and human rights groups in 14 different countries. NPR's Laura Sydell reports on what McAfee is calling Operation Shady Rat.

LAURA SYDELL: The report from McAfee says their security team gained access to a server that was used as part of a staging ground for the attack. McAfee's Dr. Phyllis Schneck says among those targeted were major multi-national corporations and defense contractors.

Dr. PHYLLIS SCHNECK: This has been corporate espionage on steroids.

SYDELL: Corporate espionage on steroids - that's quite a term.

SCHNECK: And the adversary's been very quiet and exceedingly meticulous.

SYDELL: Schneck says their research shows attacks going back to 2005. The hacker gained access by sending a very carefully crafted email to people inside targeted companies.

SCHNECK: It doesn't typically have the spelling errors that we're used to seeing in the fraud emails. It is designed to have a header that looks like it came from your organization.

SYDELL: When the recipient clicks on a link the hacker gets inside the organization's computer, stays there and watches. This kind of stealth attack can steal hoards of corporate secrets that could be used to take down entire industries. The targets also included human rights organizations, local governments, the United Nations, the Associated Press offices in Taiwan and the International Olympic Committee, which was most heavily targeted during the Olympics in Beijing. This, along with the targeted human rights groups, is leading many security and foreign policy experts to believe that the culprit is China. Laura Sydell, NPR News.

Copyright © 2011 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.

Comments

 

Please keep your community civil. All comments must follow the NPR.org Community rules and terms of use, and will be moderated prior to posting. NPR reserves the right to use the comments we receive, in whole or in part, and to use the commenter's name and location, in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.