LONDON (Reuters) - Britain’s electronic spy agency told Reuters on Wednesday a report disclosing unprecedented cyber raids demonstrated the need for an international “shared understanding” of acceptable online activity that could boost trade and social development.
In a rare public comment, the Government Communications Headquarters (GCHQ) said the breaches found by security company McAfee also illustrated the importance for online defenses to create a trusted space for business and communications.
McAfee said it believed there was one “state actor” behind the attacks on 72 organizations including the United Nations, governments and companies around the world.
The company declined to name the country, though one security expert who has been briefed on the hacking said the evidence points to China.
A spokeswoman for GCHQ, one of the three main arms of British intelligence, made no comment on who was believed responsible for the attacks
“Attribution for attacks in cyberspace is always difficult. But whoever is responsible, this report is another reminder of the need for effective cyber-security,” she said by email.
“The networked world offers huge potential for boosting growth, international trade and economic and social development worldwide. But in order to realize these benefits, cyberspace must be a trusted place to do business and share ideas.”
The McAfee report highlighted that cyber security challenges were transnational and it called for concerted international co-operation in response, GCHQ said.
“To achieve that, we need to build the widest possible shared understanding of what constitutes acceptable behavior in cyberspace.”
The spokeswoman said an international conference on cyber security being hosted by Britain in November would advance the debate on how to safeguard the online world.
McAfee said it learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.
It dubbed the attacks “Operation Shady RAT” and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for “remote access tool,” a type of software that hackers and security experts use to access computer networks from afar).
The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.
GCHQ eavesdrops on electronic communications, helps defend Britain’s cyber security and is developing an offensive cyber ability. It works closely with the MI5 Security Service and the Secret Intelligence Service, the other main spy agencies.
GCHQ’s Director, Iain Lobban, said in Oct 2010 that countries were already using cyber warfare techniques against each other and needed constant vigilance to protect computer systems. British government systems were targeted 1,000 times each month.
Reporting by William Maclean; Editing by Myra MacDonald