Expert: Cyberattacks might be the tip of the iceberg
A five-year long series of cyberattacks targeting more than 70 companies and government organizations may be just the tip of the iceberg, a cybersecurity expert said Wednesday.
Dmitri Alperovitch, vice president of threat research at cybersecurity firm McAfee, discussed a new report on a series of cyberattacks that his company discovered. McAfee gained access to the logs belonging to one server, based in a Western country the company declined to identify, that was used by the hackers. It revealed which companies and organizations had been hit in the past five years by the operation.
Alperovitch said that it's likely that there are probably hundreds, if not thousands, of other servers engaged in the same type of shenanigans.
"If you extrapolate the 70-plus victims into hundreds or thousands [of computers] you see the whole economy is impacted by these intrusions," Alperovitch said. He said such intrusions pose a threat not just to U.S. national security but also to its economic security.
Among those victimized were United States and other governmental agencies, international organizations such as the Association of Southeast Asian Nations, the International Olympic Committee, United Nations, and the World Anti-Doping Agency, and a wide array of private firms in such sectors as defense contracting, information technology, energy, real estate, computer security, new media, and insurance.
Alperovitch declined to say who the company believes is behind the attacks but did say that it believes it is likely a "state actor," given that the hacking involved such a wide array of targets, including political, non-governmental groups, and industry. He noted, for example, that the attacks on the Olympic committees occurred just prior to and following the 2008 Olympics.
But James Lewis, director and senior fellow of the technology and public policy program at the Center for Strategic and International Studies, said China and possibly Russia might have been responsible.
"If you look at the target list, it was likely to be a government that had a strong interest in Asia and Taiwan," Lewis said by e-mail.
NEXT STORY: New report shows sweeping cyber-spying