Operation Shady RAT

Recently, the biggest series of cyber attacks uncovered to date came to light, in which hackers were found to have broken into the networks of the Indian government, the United Nations and US defence companies, with security experts pointing to China as the culprit. This series of cyber attacks is part of the ongoing “Operation Shady RAT”, which was reported by Dmitri Alperovitch, Vice President of Threat Research at the Internet security company McAfee, in August 2011.

  • This notorious operation began as early as 2006 and has hit at least 72 organizations, including defence contractors, businesses worldwide, the United Nations and the International Olympic Committee.
  • RAT stands for “Remote Access Tool” and is a common computer security industry acronym. Operation Shady RAT has been described by McAfee as “a five year targeted operation by one specific actor”.

The 72 organizations hit in the five-year campaign include major organizations around the world, among them the governments of India, the US, South Korea and Vietnam, as well as ASEAN, the IOC and the World Anti-Doping Agency.


  • The report released by McAfee states: “What is happening to all this data…is still largely an open question. However, if even a fraction of it is used to build better competing products or beat competitors at key negotiations, the loss will represent a massive economic threat.”
  • McAfee had notified all 72 victims of the cyber attacks, which were now under investigation by law enforcement agencies around the world.

Impact on India:

  • Indian authorities had reported hundreds of cyber attacks from Chinese and Pakistani hackers, which were repulsed in 2010.
  • These were largely aimed at sites like the one carrying Commonwealth Games events and news of the sporting event, while some of the attacks were aimed at the scoring and timing programmes.
  • One of them, detected by McAfee, was part of an operation that investigators called “Shady RAT” and was seen to be Chinese-controlled.
  • There were intrusions into several official sites, including those of the Prime Minister’s Office and the Cabinet Secretariat, earlier in 2010, which were also traced to Chinese hackers.

