A cyber-espionage operation lasting many years penetrated 72 government and other organisations, most of them in the US, and has copied everything from military secrets to industrial designs, according to technology security company McAfee.
In a report released on the eve of a major conference on hacking, McAfee said that it had obtained access to a computer that controlled the operation and documented a pattern of attacks dating back at least as far as 2006.
McAfee did not name most of the targets but said they included six US government agencies and 13 defence contractors. It said some classified military secrets had been stolen and that logs showed that the UN, the International Olympic Committee, Olympic committees of several countries and a large US-based news organisation were among the victims.
Dmitri Alperovich, McAfee vice-president, said the nature of many of the targets strongly suggested backing by a national government, since there would be no obvious economic benefit for crime groups.
People briefed on McAfee’s research said the most logical suspect was China, which was not among the Asian countries that were home to any of the victim institutions. Two South Korean companies and a government agency, as well as companies in Taiwan and Vietnam, were compromised.
McAfee compared the attacks with a hacking campaign known as Aurora, which was revealed by Google in January 2010. Big US defence contractors and other technology companies were among dozens of firms hurt in that attack, which US investigators and Google executives blamed on China.
Similar methods were employed in the more recent breaches of security firm RSA, which authenticates employees of many defence companies, and contractor Lockheed Martin.
US intelligence authorities, including Michael Hayden, former CIA chief, have publicly credited China with an unprecedented and continuing theft of western digital secrets for commercial and strategic reasons.
McAfee, which is owned by top chipmaker Intel, echoed that sentiment in its 14-page report.
Referring to the likelihood of widespread hacking intrusions, Mr Alperovich wrote: “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact.”
He said attacks in the operation revealed in the report began with e-mails sent to employees at the target organisations that carried malicious programs allowing the hackers to assume control of the users’ machines. The hackers then moved through the network and escalated the level of access to which they were entitled.
Other security researchers, federal officials and defence industry employees have complained for years that Chinese hackers have been stealing digital data, though proof is extremely difficult to obtain in cyberattacks. China has dismissed all the allegations.
For private companies, defending against such attacks is difficult without government funding, and that has yet to have been proposed. A White House cybersecurity initiative unveiled in June promised that the government would work with the private sector to provide a “unified response to future cyber incidents”.
Espionage has long been standard practice among nations, but the claimed Chinese successes have left US officials grappling to establish some sort of policy or agreement that would set limits.