Operation Shady RAT

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Operation Shady RAT is an ongoing series of cyber attacks starting in mid-2006[1] reported by Dmitri Alperovitch, Vice President of Threat Research at Internet security company McAfee in August 2011, who also led and named the Night Dragon Operation and Operation Aurora cyberespionage intrusion investigations.[2] The attacks have hit at least 71 organizations, including defense contractors, businesses worldwide, the United Nations and the International Olympic Committee.[3][4]

The operation, named by Alperovitch as a derivation of the common computer security industry acronym for Remote Access Tool, is characterized by McAfee as "a five year targeted operation by one specific actor". The report suggests that the targeting of various athletic oversight organizations around the time of the 2008 Summer Olympics "potentially pointed a finger at a state actor behind the intrusions".[2] That state actor is widely assumed to be the People's Republic of China.[5]

See also[edit]


  1. ^ Jim Finkle (2011-08-03). "State actor seen in "enormous" range of cyber attacks". Reuters. Retrieved 2011-08-03. 
  2. ^ a b Dmitri Alperovitch (2011-08-02). "Revealed: Operation Shady RAT" (PDF). McAfee. Retrieved 2011-08-03. 
  3. ^ "Governments, IOC and UN hit by massive cyber attack". BBC News. 2011-08-03. Retrieved 3 August 2011. 
  4. ^ Nakashima, Ellen, "Report on ‘Operation Shady RAT’ identifies widespread cyber-spying", Washington Post, 3 August 2011.
  5. ^ Gross, Michael Joseph, "Enter the Cyber-dragon", Vanity Fair, September 2011.