Sunday

23rd Apr 2017

EU firms among targets in epic-scale hack

An unnamed state actor, believed by some experts to be China, has plundered data from three EU companies, on top of 69 other victims worldwide.

US-based cyber security firm McAfee uncovered the operation, which it has dubbed Shady RAT, by accessing a command server used by the intruders, and published its results in a 14-page study on Tuesday (2 August).

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

  • McAfee: 'I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know' (Photo: *n3wjack's world in pixels)

RAT is short for Remote Access Tool, a type of software.

McAfee declined to name the companies affected, but said a Danish satellite communications firm, a German accounting company and a UK computer security firm were among the victims. Each of the companies was effectively being burgled for between eight and 12 months at a time in the 2008 and 2009 period without their knowledge.

The majority of the victims were US defence companies (12 in total) and US government agencies (12). Asian targets - in India, Indonesia, Japan, Singapore, South Korea, Taiwan and Vietnam - were also hit. The hacks took place between 2006 and 2011.

McAfee suspects a state actor because much of the stolen information has political rather than commercial value - Asean, the International Olympic Committee, the UN, political think-tanks, the Hong Kong office of Associated Press and pro-democracy NGOs were penetrated as well.

"The interest in the information held at the Asian and Western national Olympic Committees, as well as the International Olympic Committee and the World Anti-Doping Agency in the lead-up and immediate follow-up to the 2008 Olympics [in Beijing] was particularly intriguing and potentially pointed a finger at a state actor behind the intrusions," McAfee's vice-president of threat research, Dmitri Alperovitch, wrote in the study.

Other experts were less shy about naming China.

Jim Lewis, director of technology and public policy at the Washington-based Center for Strategic and International Studies, told Reuters that China, Russia, the UK and the US have the capacity to carry out such an operation.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia ... We wouldn't spy on ourselves and the Brits wouldn't spy on us," he said.

Eurogroup makes 'progress' on Greek deal

Eurozone ministers endorsed an agreement in principle between the Greek government and its creditors over a new package of reforms. But talks on fiscal targets and debt could still block a final agreement.

New anti-trust complaint looms over Microsoft

At least three security software companies “met several times” with the European Commission to complain about Microsoft’s alleged abuse of its market position. A formal case could follow.

Commission stops German-British stock merger

The decision to block the merger of the London Stock Exchange and Deutsche Boerse was expected, as negotiations between the parties broke down a few weeks ago.

SMEs lack support in EU financial plan

The European Commission's plan for a capital markets union is said to be aimed at small and medium-sized enterprises, but many could end up being left out in the cold.

New anti-trust complaint looms over Microsoft

At least three security software companies “met several times” with the European Commission to complain about Microsoft’s alleged abuse of its market position. A formal case could follow.

Investigation

MEPs oppose EU agency to prevent Dieselgate II

The European Parliament said on Tuesday that there should be more EU oversight on how cars are approved, but stopped short of calling for an independent EU agency.

Stakeholders' Highlights

  1. Nordic Council of MinistersDeveloping Independent Russian-Language Media in the Baltic Countries
  2. Swedish EnterprisesReform of the European Electricity Market: Lessons from the Nordics, Brussels 2 May
  3. Malta EU 2017Green Light Given for New EU Regulation to Bolster External Border Checks
  4. Counter BalanceCall for EU Commission to Withdraw Support of Trans-Adriatic Pipeline
  5. ACCAEconomic Confidence at Highest Since 2015
  6. European Federation of Allergy and Airways60%-90% of Your Life Is Spent Indoors. How Does Poor Indoor Air Quality Affect You?
  7. European Gaming and Betting AssociationCJEU Confirms Obligation for a Transparent Licensing Process
  8. Nordic Council of MinistersNordic Region and the US: A Time of Warlike Rhetoric and Militarisation?
  9. European Free AllianceEFA MEPs Vote in Favor of European Parliament's Brexit Mandate
  10. Mission of China to the EUXinhua Insight: China to Open up Like Never Before
  11. World VisionViolence Becomes New Normal for Syrian Children
  12. International Partnership for Human RightsTime to Turn the Tide and End Repression of Central Asia's Civil Society

Latest News

  1. France holds nail-biting 'anti-system' vote
  2. Le Pen-Putin friendship goes back a long way
  3. Mogherini should tell Russians their rights matter
  4. Le Pens Freunde aus dem Trump Tower
  5. Sexe et mensonges: l'information russe sur l'UE
  6. Report: Post-Brexit payments, ECJ jurisdiction could last years
  7. Oxford study raises alarm on 'junk' news in France
  8. Thousands to march in defence of science