r
rtrembley
Aug 08, 2011

How to stop a Shady Rat attack on your business?

How did the hackers invade so many US companies computer systems without being detected? How can my company protect ourselves from IP thieves from foreign nations? I'm only guessing it was the Chinese but they seem to keep getting caught doing hacking an awful lot nowadays.

a
albertogonzalez
09/01/2012

There are various reason why most hackers are unidentifiable their location, type like they hide their real IP, using private server or proxy or the worst hacker may have contact within one corporation or company. Not to mention, some Chinese is also knowledgeable in hacking, they often hacking our country national offices and government facilities.

Cheers,
Alberto of Eat My Words

jimlynch
12/08/2011
Here's an article with some ideas on how to prevent these kinds of attacks:

Building a Better Shady RAT Trap: Security Connected Framework
http://blogs.mcafee.com/enterprise/security-connected/building-a-better-...

"Recently Dmitri Alperovitch, McAfee’s VP of Threat Research, published a blog about Operation Shady RAT. In the blog and corresponding whitepaper he details an investigation of targeted intrusions into over 70 global companies, governments, and non-profit organizations over the last five years that appear to be sourced from a single actor or group. The targeted attacks used a combination of known attack components such as remote access tools or RATS and spearphishing.

Since the release of this information, there have been questions regarding mitigation techniques for these types of attacks; we’ll look at some now.

It’s important to note that there is no single product that can be plugged in that will stop spearphishing, protect sensitive data, thwart malware, put an end to malicious insiders, etc. Instead there are several solutions across endpoint, network, data security as well as security management that can and should be used in a connected framework to enrich each other and thus mitigate risk, increase ROI, and create greater efficiencies regarding incident detection, prevention, and response. Let’s take a look at some of these controls."
s
stephenb
08/08/2011

There are several things that businesses could have done to prevent being hacked by the Shady Rat transgressors. They failed to hire trained security professionals, who would have instituted encryption and monitoring, which would have made the raw data useless if stolen, and let them know when there was a breach so they could patch it. If you fail to plan, you plan to fail.

Answer this