Congress Asks McAfee for Briefing on Operation Shady RAT

Rep. Mary Bono Mack

Congress is digging deeper into McAfee’s recent report that uncovered one of the largest series of cyber espionage activities to date.

Rep. Mary Bono Mack, R-Calif., chairman of the House Commerce subcommittee, requested a detailed briefing of the extent, effects and capabilities of the cyber attack in a letter sent yesterday to the report’s author, Dmitri Alperovitch.

In the letter, Bono Mack expressed her concerns over the details of the massive operation and asked how the government and private sector could more effectively mitigate data breaches.

The report, dubbed “Operation Shady RAT,” was released last week by McAfee and revealed that some 72 organizations and governments around the world fell victim to a massive,  five-year long cyber attack carried out by an unnamed, specific state actor. Of the 72 victim organizations, 49 are based in the United States, with 14 listed as U.S. government entities and another 13 as defense contractors. Other targeted countries include Taiwan, Vietnam, South Korea, Canada and India, among others.

“[The subcommittee] has jurisdiction over cyber security and data security and has engaged in a multiyear oversight effort into the effects on consumers, our international competitiveness, and the economy as a whole,” she wrote to Alperovitch. “As the subcommittee continues its oversight in this matter, I request a briefing from your security threat research team to inform our efforts.”

Alperovitch, McAfee’s vice president of threat research, explained last week that the full extent of the data breaches remains largely unknown. However, Bono Mack hopes he can outline for her the ways in the government and private sector can implement proper defenses to prevent similar attacks. She also asked in the letter whether hackers consider intellectual property and national security information a greater target than personal consumer information. 

Her letter also requested information on the potential impact the data breaches might have on the American economy.

According to Alperovitch, Operation Shady RAT is a comprehensive analysis of an examination of logs that reveal the full extent of the victim population since mid-2006. It discovered the compromises were executed through standard spear-phishing emails that initiated communication channels and deployed a series of data exfiltration activities.

You may also be interested in...

Red Hat’s David Egts: Open-Source Training, ‘Sense of Mission’ Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat’s North American public sector, has said there are several options …

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 …

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability …