How to stop a Shady Rat attack on your business?


How did the hackers invade so many US companies' computer systems without being detected? How can my company protect itself from IP thieves from foreign nations? I'm only guessing it was the Chinese, but they seem to keep getting caught hacking an awful lot nowadays.

Tags: security
Topic: Security


3 total
Vote Up (26)

There are several things that businesses could have done to prevent being hacked by the Shady Rat transgressors. They failed to hire trained security professionals, who would have instituted encryption and monitoring, which would have made the raw data useless if stolen, and let them know when there was a breach so they could patch it. If you fail to plan, you plan to fail.

Vote Up (16)

Here's an article with some ideas on how to prevent these kinds of attacks:

Building a Better Shady RAT Trap: Security Connected Framework

"Recently Dmitri Alperovitch, McAfee’s VP of Threat Research, published a blog about Operation Shady RAT. In the blog and corresponding whitepaper he details an investigation of targeted intrusions into over 70 global companies, governments, and non-profit organizations over the last five years that appear to be sourced from a single actor or group. The targeted attacks used a combination of known attack components such as remote access tools or RATS and spearphishing.

Since the release of this information, there have been questions regarding mitigation techniques for these types of attacks; we’ll look at some now.

It’s important to note that there is no single product that can be plugged in that will stop spearphishing, protect sensitive data, thwart malware, put an end to malicious insiders, etc. Instead there are several solutions across endpoint, network, data security as well as security management that can and should be used in a connected framework to enrich each other and thus mitigate risk, increase ROI, and create greater efficiencies regarding incident detection, prevention, and response. Let’s take a look at some of these controls."

Vote Up (9)

There are various reasons why most hackers are unidentifiable by location or type: they hide their real IP, use a private server or proxy, or, worst, the hacker may have a contact within a corporation or company. Not to mention, some Chinese are also knowledgeable in hacking; they often hack our country's national offices and government facilities.

Alberto of Eat My Words
