China is once again being suspected of involvement in cyber-surveillance after security vendor McAfee Corp. released a report about a major, years-long hacking operation yesterday.
Operation Shady RAT was a five-year operation conducted by one actor, which McAfree suggests is a national government, but doesn’t go so far as to name which one. McAfee was able to analyze the attacks after gaining access to a command and control server used by the hackers.
While China is the obvious suspect many media are pointing to as a result of past incidents such as GhostNet, determining the point of origin is not always so clear cut when it comes to cyber attacks. As University of Alabama professor Gary Warner explains in this video from April 8, 2010, Chinese service providers may serve as a hosting ground for criminals, but that doesn’t prove those criminals are based in China.
Gary Warner discusses his analysis of hacking activity.