Recently McAffe published a worldwide hacking report about what they are calling Shady RAT.

The United Nations, Olympic committees, governments, U.S. real estate company, a major media organization based in New York, a satellite communications company and other companies around the world, totaling 72 organizations, have been hacked by a “state actor”.

While there are suspicions as to which country was involved,it has not yet been proven. McAfee’s vice-president of threat research, Dmitri Alperovitch, wrote in a 14-page report that, “Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators. What is happening to all this data … is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat.”

What was also revealed that there were 11 command and control servers mostly based in Beijing or Shanghai. This bit of news should scare every company who thinks about moving their company’s files, customer data and/or intellectual property to the cloud. Data is becoming the new currency of the virtual world and criminals what it. The cloud is so tempting because the most value can be stolen from a single intrusion. What can be more attractive than a network with massive amount of data? Here are the major issues with cloud systems:

Where is the actual data being stores? Most servers are located off shore.
Companies have no control over how the data is partitioned, protected or isolated.
Companies don’t know what backdoors or spyware that is running in the server either intentionally or through a cyber attack.
Attacks may go unreported because the same U.S. privacy laws don’t apply in foreign countries.
Many times attacks are done through careless employee activities. Just look at Privacy Rights Clearinghouse for examples.
With well over 535 million potential victims of having their personal information compromised, the cost of a breach to a company averaging over $7.2 million and new privacy legislation being enforced to add even more regulation and financial burdens on business, don’t expose yourself to a targeted attack.

Here are some things you can do:

Encrypt all data on every computer and server.
Implement multi-factor authentication technologies like smartcards.
Train employees on the importance of security and what it can mean to their own employment.
Bring in IT security experts to monitor and evaluate your overall network security. While in-house IT is important, security requires specialists.
While nothing can 100% prevent a breach, however the goal is to throw in enough barriers to get the cyberthieves to look elsewhere and to mitigate any damage that they can cause.

Here are some sites that you can visit to find out more about Shady Rat.

Symantec
McAfee
Computer World
WebPro News
About Access- Smart
Did you know that 35% of all data breaches are a result of lost, stolen or compromised personal computers? That means that although companies invest in numerous technologies to protect their information, they have a 35% gap in their security plan on PC’s.

Our product, Power Logon, assists in reducing financial and business risks associated with data privacy legislation compliance. By law (e.g. HIPAA, HITECH, FACTA, PCI, etc.) companies/education/gov’t entities must protect their customer’s and employee’s Personally Identifiable Information (PII). Failure to do so can cost these organizations, and their executive boards, millions of dollars in fines, fees and lost customers.

Please call us at 949-218-8754 for your no-obligation consultation.

Author's Bio: 

Dovell Bonnett has been creating security solutions for computer users for over 20 years. In order to provide these solutions to consumers as directly, and quickly, as possible, he founded Access Smart. With each of his innovations, the end user — the person sitting in front of a computer — is his No. 1 customer.

This passion, as he puts it, to “empower people to manage digital information in the digital age” also led him to write the popular Online Identity Theft Protection for Dummies. Within the pervasive nature of our e-commerce and e-business community, personal information, from credit card numbers to your pet’s name, is more easily accessed, and identity theft and fraud has become an issue that touches every consumer.

Mr. Bonnett’s solutions reduce security risks for individual users, small businesses and large corporations. His professional experience spans 21 years in engineering, product development, sales and marketing, with more than 15 years focused specifically on smartcard technology, systems and applications. Mr. Bonnett has spent most of his smartcard career translating and integrating technology components into end-user solutions designed to solve business security needs and incorporating multi-applications onto a single credential using both contactless and contact smartcards. He has held positions at National Semiconductor, Siemens (Infineon), Certicom, Motorola and HID. He is the author of smartcard articles, regularly presents at conferences, and helps companies successfully implement smartcard projects. Mr. Bonnett has been an active member of the Smart Card Alliance contributing to the development of physical access security white papers. He holds dual bachelor’s degrees in industrial and electrical engineering from San Jose State University.