Aug 3, 2011

Internet company Koallo owner Stuart Hodge looks over some of his servers in a secure room in Carp, Ont. on July 13, 2011. (Adrian Wyld, Canadian Press)

Computer security company McAfee has issued a report detailing a five-year hacking scheme that targeted countries, companies and numerous organizations.

McAfee says there were more than 70 intrusions from the same source over the past five years, including four in Canada.

The earliest, in July 2008, targeted an unidentified Canadian information technology company for four months, then the Montreal-based World Anti-Doping Agency was infiltrated for 14 months in August 2009.

David Skillicorn, a Queen’s University School of Computing professor and computer security expert, says people need to realize that the internet isn’t as secure as they may think.

“Everyone thinks they are in a nice neighborhood, but when you are on the internet, it’s like you are walking down the darkest streets of the world," said Skillicorn. "If you are on the internet, you are everywhere. There are billions and billions of people with access to the internet and some of them are really bad people who will hack into your system and steal important data."

McAfee says two unidentified Canadian government agencies were targeted — the first in October 2009 for six months and the second in January 2010 for one month.

"The question of cyberattacks is not new and it's an ongoing concern," said Liberal MP Geoff Regan, critic for industry and consumer affairs.

"The question is what steps are being taken by government to make sure this doesn't happen. If we find that this latest incident has resulted in more of that information being compromised, then I think the government has some answers to give," said Regan, who stressed that he had not yet read the McAfee report.

The report goes on to say the governments of the U.S., Taiwan, India, South Korea and Vietnam were also on the target list, along with the IOC, the United Nations and an array of companies.

The report author, Dmitri Alperovitch, says most victims have long since addressed the infections and the report is meant to reinforce the fact that anyone can fall prey to intrusions.

McAfee has dubbed the scheme Operation Shady RAT, with RAT being a common acronym in the computer industry meaning Remote Access Tool.

http://www.cbc.ca/news/canada/ottawa/story/2011/08/03/pol-governmen...