UK spy agency says cyber raids show need for security

LONDON Wed Aug 3, 2011 12:39pm EDT

LONDON (Reuters) - Britain's electronic spy agency told Reuters on Wednesday a report disclosing unprecedented cyber raids demonstrated the need for an international "shared understanding" of acceptable online activity that could boost trade and social development.

In a rare public comment, the Government Communications Headquarters (GCHQ) said the breaches found by security company McAfee also illustrated the importance for online defenses to create a trusted space for business and communications.

McAfee said it believed there was one "state actor" behind the attacks on 72 organizations including the United Nations, governments and companies around the world.

The company declined to name the country, though one security expert who has been briefed on the hacking said the evidence points to China.

A spokeswoman for GCHQ, one of the three main arms of British intelligence, made no comment on who was believed responsible for the attacks

"Attribution for attacks in cyberspace is always difficult. But whoever is responsible, this report is another reminder of the need for effective cyber-security," she said by email.

"The networked world offers huge potential for boosting growth, international trade and economic and social development worldwide. But in order to realize these benefits, cyberspace must be a trusted place to do business and share ideas."

The McAfee report highlighted that cyber security challenges were transnational and it called for concerted international co-operation in response, GCHQ said.

"To achieve that, we need to build the widest possible shared understanding of what constitutes acceptable behavior in cyberspace."

The spokeswoman said an international conference on cyber security being hosted by Britain in November would advance the debate on how to safeguard the online world.

McAfee said it learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

It dubbed the attacks "Operation Shady RAT" and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for "remote access tool," a type of software that hackers and security experts use to access computer networks from afar).

The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.

GCHQ eavesdrops on electronic communications, helps defend Britain's cyber security and is developing an offensive cyber ability. It works closely with the MI5 Security Service and the Secret Intelligence Service, the other main spy agencies.

GCHQ's Director, Iain Lobban, said in Oct 2010 that countries were already using cyber warfare techniques against each other and needed constant vigilance to protect computer systems. British government systems were targeted 1,000 times each month.

(Reporting by William Maclean; Editing by Myra MacDonald)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see
Comments (1)
gatoMalo wrote:
Four (4) years ago Scientific America wrote an article about “China Cyber Attacks Signals- – – New Battlefield is Online”. In 2011 we have seen a surge in China’s hacking but why did we not prepare for this when we knew about it for so long. In 2007 they hacked the UK, France and the US. In the article it stated, “China’s military goals are to improve its ability to wage information warfare.
This is nothing new we knew about China a long time ago ask any security person. This article show’s how bad security was at some of these places and now the U.S is giving the Smart Grid contract to Lockheed. Are we out of our minds. Lockheed reported that the hack this year that enabled China to collect TS document and special DoD project. Lockheed claimed it was not a bad one(hack) and they stopped it immediately. Bull- Lockheed got hacked slow and heavy the hackers then just sat in the catbird seat and watched us. That”s the security company that I don’t want to protect our Smart Grid.

Aug 04, 2011 8:51am EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.