The developing revelations around Operation ‘Shady RAT’ highlights how important it is for the New Zealand Government, critical infrastructure and corporates to continuously review their protection against cyber attacks and espionage.
Shady RAT has exposed around 70 organisations and their detailed confidential information over a five year period with the initial compromise traced back to a ‘spear-fishing’ email malware attack.
PwC Security and Technology Partner Colin Slater believes this is the longest duration corporate and government espionage case that has come to light in recent years and potentially the most wide ranging set of targets.
Mr Slater says “Operation ‘Shady RAT’ is a very different style and type of attack to the recent Lulzsec, Anonymous and Sony hacks. This is a deliberate and calculated attack with early indications of it originating as an overseas government led scheme.
“The range of targets and the type of attack, being stealthy, combined with such a long timeframe means this could well have continued on unnoticed for an extended period.”
Quantifying the loss of intellectual property, the potential damage to government and corporates and even simply tracking what has been compromised will be a long and costly exercise.
“The New Zealand Government, critical infrastructure and corporates are vulnerable to exactly the same type of attacks and should be taking steps to review and ensure they’re protecting themselves adequately with proper boundary controls, segmentation of highly valued systems and a long hard look at operational risks.
‘We can be sure this RAT will continue to rumble on and over the next few days more information will be disclosed on the targets and the thing everyone wants to know - who did it & why ?” says Mr Slater.