McAfee Disclaims Claims of Chinese Involvement in 'Shady RAT' 56
hackingbear writes "In an interview with Chinese official Xinhua news agency, McAfee said no direct evidence suggests a particular nation such as China is behind Operation Shady RAT, a five-year cyber campaign discovered by McAfee. Alperovitch told Xinhua that they 'don't have direct evidence that conclusively points to a particular nation state' behind the scheme. So the same online security industry that has propagated Chinese cyber threats in front of Western media denies they made such suggestion of China, another of their major markets." Also on the Shady RAT front, reader kermidge writes with a post from Hon Lau at Symantec containing details lacking in McAfee's Wednesday report; included are examples of the vectors and commands used, along with cogent commentary.
Why is this supposed to be a government attack? (Score:5, Interesting)
Reading the details I really wonder why this is supposed to be a government-backed up attack. Neither the trojan nor the attack vector described by the guy from Symantec look very sophisticated to me. From a government-sponsored attack I'd at least expect some previously unknown exploits, rootkit, traffic tunneling, anti-virus product circumvention and generally more efforts to hide that there is a trojan or an outgoing connection.
There must be something missing. So, what's so special about this particular persistent attack?
Re:Fear (Score:2, Interesting)
Some of the companies and agencies are well aware of the damage that can be done by disclosure of this. Never mind that the F35 plans have been stolen and that other intellectual property has been taken. The theft reported here and others are condoned, possibly sponsored and maybe directly involved by China. That's not a scare tactic, it's a fact. China doesn't have to have direct involvement in this matter. They can provide technology, access and foster the culture that allows this to continue. There are Chinese Universities that constantly show up on my Internet facing servers trying to probe known vulnerabilities with Apache, IIS etc. Just kids poking around? Maybe but it's still malicious intent. The sad part about these thefts is that it doesn't take a lot to protect an organization from these kinds of attacks and I am absolutely angry at our government for not doing more to protect our interests here, blocking traffic is a start but there's others. Routine vulnerability assessments and other things go along with it.
There's a reason Firewalls exist and I think that companies who don't routinely look at the logs on their Firewalls, VPN servers and Web Servers are not only exposing themselves to undue risk but are not doing their due diligence to their share holders. I'm also puzzled why the US government hasn't asked many ISPs to start blocking address ranges originating from China. If that were to start happening I think the Chinese government would take these illegal activities more seriously, at least publicly.
Now, I'm not a China basher but this country has a vast stake in taking things from us to their benefit. 30 years ago, China was not even on the Radar economically but look at it now and most of that growth has been at the expense of one nation, the
We have allowed US Companies to ship, wholesale, key technologies to China that have allowed them to take about every good paying job in this nation and we wonder why we can't pay our bills in congress? It takes tax revenues to pay for bombers, wars and social programs and if 9 to 10% of your population is unemployed you won't be getting that much tax revenue. In fact, you'll be spending more on Social benefits to keep those folks from starving. Apple for example wants protecting for its products under US law but how many are employed at Foxconn making Apple products? Strange how a company with over $72B in cash doesn't start hiring people in the US a bit more. It's not just Apple, it's Microsoft, Cisco, GE and other companies looking for that really cheap labor to build and design their products. Yes, Globalization is the root cause but you can't ignore the fact that this country has lost manufacturing jobs in droves and where do they go? China and India. Fair trade should be fostered but not at the expense of your own country both in terms of it's economic viability but its social structure as well.