Chinese cyber spy network hacks into 103 nations
China accused of running ‘GhostNet’ after Dalai Lama’s office raise alarm
Monday 30 March 2009
The Chinese government is under pressure to answer allegations that it is operating a huge cyber spy network that has hacked into classified files in computers in 103 countries and monitored secret correspondence sent by the office of the Dalai Lama.
Researchers in Britain and Canada revealed over the weekend the existence of the so-called GhostNet network that has been gathering information from governments and private organisations. Some researchers said it could not be proved conclusively that the Chinese government was behind the network but others directly accused the authorities in Beijing.
Experts said the vast scale of the network was unsettling. The researchers found that the network had spied on computers belonging to governments in Europe and South Asia, using software so advanced it could turn on the camera and audio-recording functions of an infected computer, allowing those watching to see and hear what was happening in a room.
About 1,300 computers were found to have been compromised. They belonged to the foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan. Hacked systems were also found in the embassies of India, South Korea, Indonesia, Romania, Thailand, Taiwan and Pakistan.
Some of the most extensive evidence uncovered related to the computers used by the office of the Dalai Lama and the exiled Tibetan government, which is based in the Indian Himalayan town of Dharamsala.
The office of the Dalai Lama initially contacted the researchers for help amid fears about its computers. After investigating the office's computers, the researchers discovered evidence of a much broader spy network.
"We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama," said Greg Walton, a researcher based at the University of Toronto.
No one from the Dalai Lama's office was available for comment but researchers said the spying had already affected the operation of the exiled government; after the Dalai Lama's office emailed an invitation to a foreign diplomat to visit, the Chinese government contacted the diplomat and tried to persuade them not to go. Tibetan groups said the revelations did not surprise them. Tsewang Rigzin, the president of the Tibetan Youth Congress in Dharamsala, said: "I am sure they are spying on us as well. They are spamming our email and sending us loads of junk mail."
Matt Whitticase, from the London-based Free Tibet campaign, said the number of emails sent to his organisation containing sophisticated Trojans and other malware increased during times of controversy for China. Before last summer's Olympics and during the crackdown on demonstrators in Tibet, the number spiked.
"I am not surprised by this. The Chinese government monitors any group it considers a threat. The Tibetan government in exile would definitely be one such target," he said.
The Toronto team said they could not prove the Chinese government was behind the hacking but in a separate report, those who researched spying on the Tibetan exile movement did not hesitate to point the finger.
Ross Anderson, from Cambridge University, and Shishir Nagaraja, from the University of Illinois, said the web-hosting and email services used by the Dalai Lama's office were provided by a California-based company. Examining the email server logs, they discovered a number of successful logins from IP addresses that belonged to Chinese and Hong Kong providers. None were associated with anyone from the Tibetan government's office.
They wrote: "Agents of the Chinese government compromised the computing infrastructure of the office of His Holiness the Dalai Lama ... and then downloaded sensitive data. People in Tibet may have died as a result. The compromise was detected and dealt with, but its implications are sobering. It shows how difficult it is to defend sensitive information against an opponent who uses social engineering techniques to install malware."
In 2007, Britain accused China of carrying out cyber espionage against major companies and banks.
Returning to the stage after 20 years makes actress feel 'nauseous'
Top conservatoire offers ‘groundbreaking’ arts degree
- 1 Scottish independence: Ireland since 1919 is a lesson for Scotland in what a Yes vote means
- 2 A bottle of wine a day is not bad for you and abstaining is worse than drinking, scientist claims
- 3 Grandmas keep accidentally tagging themselves as Grandmaster Flash on Facebook
- 4 Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
- 5 Kanye West halts concert after two fans don't stand up - doesn't realise one is in wheelchair and the other disabled
Islamic State: Pope is 'being targeted by Isis', Iraqi ambassador to the Holy See warns
Jennifer Lawrence and Kate Upton nude pictures exhibition cancelled after artist concedes photos were 'stolen property'
Scottish independence referendum: A nation divided against itself
John Travolta addresses former pilot's gay romance allegations publicly for the first time: 'That was the lowest I'd ever felt'
Richard III: Two years after his body was found scientists discover how he died
Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
The political class is doing what Hitler couldn’t – destroying Britain
Scottish independence: Nationalist leader Jim Sillars threatens pro-union companies with 'day of reckoning' after independence
Scottish independence: Yes campaign feels the heat as Alex Salmond's NHS claims come under furious attack
Portuguese academic says British are 'filthy, violent and drunk'
£23m Birmingham cycle scheme is attacked by Tory councillor for not catering to the elderly
£50 - £85 per day: Randstad Education Preston: Rapidly developing and growing ...
£1034496 - £1516224 per annum: Randstad Education Cambridge: The Job:Randstad ...
£85 - £140 per day: Randstad Education Preston: Randstad Education are urgentl...
£50 per day: Randstad Education Cheshire: SEN Teaching Assistant EBD , Septemb...