Sunday

24th Jul 2016

EU firms among targets in epic-scale hack

An unnamed state actor, believed by some experts to be China, has plundered data from three EU companies, on top of 69 other victims worldwide.

US-based cyber security firm McAfee uncovered the operation, which it has dubbed Shady RAT, by accessing a command server used by the intruders, and published its results in a 14-page study on Tuesday (2 August).

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

  • McAfee: 'I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know' (Photo: *n3wjack's world in pixels)

RAT is short for Remote Access Tool, a type of software.

McAfee declined to name the companies affected, but said a Danish satellite communications firm, a German accounting company and a UK computer security firm were among the victims. Each of the companies was effectively being burgled for between eight and 12 months at a time in the 2008 and 2009 period without their knowledge.

The majority of the victims were US defence companies (12 in total) and US government agencies (12). Asian targets - in India, Indonesia, Japan, Singapore, South Korea, Taiwan and Vietnam - were also hit. The hacks took place between 2006 and 2011.

McAfee suspects a state actor because much of the stolen information has political rather than commercial value - Asean, the International Olympic Committee, the UN, political think-tanks, the Hong Kong office of Associated Press and pro-democracy NGOs were penetrated as well.

"The interest in the information held at the Asian and Western national Olympic Committees, as well as the International Olympic Committee and the World Anti-Doping Agency in the lead-up and immediate follow-up to the 2008 Olympics [in Beijing] was particularly intriguing and potentially pointed a finger at a state actor behind the intrusions," McAfee's vice-president of threat research, Dmitri Alperovitch, wrote in the study.

Other experts were less shy about naming China.

Jim Lewis, director of technology and public policy at the Washington-based Center for Strategic and International Studies, told Reuters that China, Russia, the UK and the US have the capacity to carry out such an operation.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia ... We wouldn't spy on ourselves and the Brits wouldn't spy on us," he said.

EU to tweak rules on Chinese 'dumping'

The EU Commission has tried to fudge the issue of whether China is a “market economy” amid efforts to protect European industry from cheap exports.

Court ruling puts Renzi bank plan in doubt

EU court ruling on bank bailouts has raised the likelihood of a political embarrassment for Renzi, months before a referendum puts his future and, potentially, Italy’s euro future on the line.

Stakeholders' Highlights

  1. Belgrade Security ForumMigration, Security and Solidarity within Global Disorder: Academic Event Agenda for 2016
  2. GoogleHow Google Fights Piracy: Creating Value While Fighting Piracy
  3. EJC"My Visit to Israel" - Opinion by MEP Lopez Aguilar, Chair of the EP Working Group on Antisemitism
  4. World VisionChildren Migrating, Out of School and at Work as Hunger Deepens in Southern Africa
  5. European Healthy Lifestyle AllianceStand-Up (and Exercise) to Prevent Chronic Diseases
  6. Centre Maurits CoppietersLaunches a Real-time News Hub Specialised in EU Stakeholders
  7. Dialogue PlatformFethullah Gulen Calls for International Probe Into Turkey Coup Allegations
  8. GoogleEU-US Privacy Shield: Restoring Faith in Data Flows and Transatlantic Relations
  9. World VisionWorld Leaders & Youth Advocates Launch Partnership to End Violence Vs. Children
  10. Counter BalanceReport: Institutionalised Corruption in Romania's Third Largest Company
  11. Access NowEuropol Supports Encryption. We Can Relax Now… Right?
  12. GoogleLearn about Google's projects across Europe on Twitter @GoogleBrussels

Latest News

  1. Munich attack might not have been terrorism
  2. A very British (and Corbynite) coup
  3. Poland 'changing for the worse' for Muslims and refugees
  4. EU aims to lift visas on Turks despite purge
  5. ECB in ‘bail-out’ of scandal-tainted VW
  6. EU failed to learn lesson from Brexit, Poland says
  7. UK accord on EU workers 'crucial', France says
  8. EU and US take different lines on Turkey crackdown