The United States was the main target of cyber attacks that were part of "Operation Shady RAT," the five-year-long hacking effort revealed by McAfee late Tuesday.
The security company has said it believes there was one "state actor" behind the attacks but declined to name it, though one security expert who was briefed on the hacking told Reuters that the evidence points to China. There has been no comment from China so far about the report.
Of the 72 "victims" where governments, corporations or organizations were compromised, 49 of those were in the U.S., according to a breakdown provided by McAfee, followed by four in Canada, and three each in South Korea and Taiwan.
Next were Japan, Switzerland and the United Kingdom, followed by Indonesia, Vietnam, Denmark, Singapore, Hong Kong, Germany and India.
"What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth — closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts ... design schematics and much more has 'fallen off the truck' of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries," wrote McAfee's vice president of threat research, Dmitri Alperovitch, in the report.
The United Nations, the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and "an array of companies, from defense contractors to high-tech enterprises" were among those hacked, Reuters said.
Alperovitch did say in the report that "the vast majority of the victims have long since remediated these specific infections."
But, the issue of "what is happening to all this data — by now reaching petabytes as a whole — is still largely an open question," he wrote.
"Although we will refrain from explicitly identifying most of the victims, describing only their general industry, we feel that naming names is warranted in certain cases, not with the goal of attracting attention to a specific victim organization, but to reinforce the fact that virtually everyone is falling prey to these intrusions, regardless of whether they are the United Nations, a multinational Fortune 100 company, a small non-profit think-tank, a national Olympic team or even an unfortunate computer security firm."
Of the 72 "compromised parties," McAfee broke down a list of 32 "unique organization categories." The largest number, 22, was government agencies, including county, state and federal governments in the U.S., as well as a "U.S. government contractor," the United Nations, Canada, South Korea, Vietnam, Taiwan and India.
Thirteen organizations involved the defense industry; another 13, the electronics industry, computer security, information technology, satellite communications, news media, information services and communications technology. Twelve were categorized by McAfee as international sports, economics/trade, think tanks, international government/economics/trade groups, a "political non-profit" and "U.S. national security non-profit."
Another six were construction/heavy industry; steel industry; energy and solar power. Four were real estate, the accounting industry, agriculture and insurance.
- Biggest-ever series of cyber attacks uncovered, UN hit
- Report: Malware infects 3 of 10 smartphone users
- Hackers for hire: Criminals offer services online
- Hackers could spring killers from prison