Security firm cites 5-year cyberattack
NEW YORK - A computer security firm says cybercriminals have spent at least the past five years targeting more than 70 government entities, nonprofit groups, and corporations around the world to steal troves of data.
McAfee Inc. said in a report yesterday that the attacks have targeted a broad range of organizations, including the United Nations, the International Olympic Committee, and companies mostly in the United States.
McAfee did not say who may be behind the attacks but says the culprit is likely a nation state.
The report is short on specifics, as the security firm is not naming most of the victims, nor is it stating exactly what data were stolen.
Most of the victims are in the United States. Other victims were in Canada, South Korea, Taiwan, Japan, and nine other countries.
McAfee says the majority of those revelations have been the result of “relatively unsophisticated and opportunistic exploitations for the sake of notoriety by loosely organized political hacktivist groups such as Anonymous and Lulzsec.’’
But the threats McAfee’s report focuses on are “much more insidious and occur largely without public disclosures,’’ wrote Dmitri Alperovitch, vice president of threat research at McAfee and the report’s author.
The key to these intrusions, he said, is that the perpetrator is motivated by “a massive hunger for secrets and intellectual property.’’
UN spokesman Farhan Haq said McAfee had informed the United Nations that its networks may have been targeted in a broad cyberattack between September 2008 and December 2010. He said the UN’s technical staff in New York and Geneva are analyzing logs of network activity for those periods, looking for evidence of such an attack.
International Olympic Committee spokesman Mark Adams said that, thus far, the attacks are “a claim being made by McAfee’’ and that the security firm’s researchers “have yet to give us any evidence or detail.’’