Operation Shady RAT: China again

By Jim Emerson, staff writer

A shocking report titled Operation Shady RAT, released by Dmitri Alperovitch, Vice President of Threat Research at McAfee, revealed the existence of long-standing cyber spying aimed at stealing intellectual property and trade secrets from Western-based firms.

The folks at McAfee gained access to a server that was used by the hackers and downloaded logs “that reveal the full extent of the victim population since mid-2006 when the log collection began.” They noted this is when the event logs began but agreed the cyber-espionage program may have been in operation before 2006. “So far, it is unknown what information was downloaded and how much.”

China, the usual suspect

The leading suspect in this operation is China. The Chinese regularly use cyber-espionage to gain advantages over adversaries in manufacturing and military arenas. Hacking is not new to the Chinese and is most likely a key component in the daily operations of its intelligence collection agencies. Since industry and other activities are government controlled, it would make sense that a dedicated group of Chinese cyber warriors would attack a wide range of targets, from the various Olympic committees and press companies to military contractors. As Alperovitch pointed out, “I would like to caution you that what I have described here has been one specific operation conducted by a single actor/group.”

U.S. officials were caught by surprise

According to Fox News, U.S. officials were not aware of the cyber-spying until McAfee reported it to the White House prior to posting the report in its blog. Homeland Security was caught flat-footed, as is evident in Janet Napolitano’s response at a press conference. She said, “We became aware of the McAfee report I think today, which is when it was released to the press as well.” The U.S. Computer Emergency Readiness Team is the operational arm of the National Cyber Security Division at the Department of Homeland Security. They should have known what was happening, but they didn’t. Once again we see a failure to protect us on the part of an Obama agency.

This may have been the method of attack used to breach the Pentagon’s network and steal approximately 24,000 documents. Fox also reported, “On March 17, NSA director General Keith Alexander, who also serves as the head of the Pentagon’s new Cyber Command, said that the military does not have the capacity to safeguard Pentagon networks from cyber-attack.”

As reported by Fox News, “We’re aware of the (McAfee) report,” White House spokesman Jay Carney said during a press briefing. “Detecting and blocking cyber-intrusion is a key cyber-security goal for this administration.” This just begs for quoting Dee Snider, “If that’s your best, your best won’t do.”

To contact your Congressional Representative, use this link: http://www.contactingthecongress.org/




This day in history August 6

1945: The first atomic bomb used in warfare was dropped on Hiroshima Japan.

Six Wisconsin Republican State Senators need your help. They are facing a union thug forced recall election. The most endangered is Dan Kapanke; he really needs your help:


In this world you may have knowledge or you may have repose, but you may not have both. What have you done today to deserve to live in America?


5 thoughts on “Operation Shady RAT: China again”

  1. Jim, did your source reveal just when it was that McAfee discovered the breach?
    And… what was the time line between their discovery and their notification of Homeland Security?
    You may not have access to this information, but I thought it important enough to at least ask.

    1. I don't believe they had the information for too long. McAfee did alert the National Cyber Security Division and briefed the White House 2 weeks ago.

      The activity wasn't discovered until McAfee got ahold of one of the servers that were being used by the hackers where the system’s log wasn’t scrubbed. McAfee received the server logs around June/July 2011. To analyze the full extent of the operation takes time.

      1. Thanks for the reply, Jim! At least we know now that neither McAfee nor Homeland Security/Cyber Security just "sat" on the problem, assuming we accept their time-line as valid and truthful.
        I wish that McAfee or HS would have seen fit to list the targeted industries of these spy-logs.
        The capture of the hacking computer would make for an excellent action-drama! I wonder how it was "discovered"?
        Perhaps Walmart, K-Mart, Stein-Mart, Kohl's, Target, etc., shoppers will think twice now of putting the "Made in China" item(s) into their carts.
        China lacks its own innovation and steals from others the products of their labors.
        Sorry, I initially forgot to thank you for such an interesting article. But it's not too late to remedy that. Bon! Bon! mes amie! And, "Jolly Good Show Mate"!

    1. Raymond. I'd have to say that the video was a really well-done, much needed, and funny, boot in Obama's face.
      Thanks for sharing it!
