Chinese cyber spy network hacks into 103 nations
China accused of running ‘GhostNet’ after Dalai Lama’s office raise alarm
Monday 30 March 2009
The Chinese government is under pressure to answer allegations that it is operating a huge cyber spy network that has hacked into classified files in computers in 103 countries and monitored secret correspondence sent by the office of the Dalai Lama.
Researchers in Britain and Canada revealed over the weekend the existence of the so-called GhostNet network that has been gathering information from governments and private organisations. Some researchers said it could not be proved conclusively that the Chinese government was behind the network but others directly accused the authorities in Beijing.
Experts said the vast scale of the network was unsettling. The researchers found that the network had spied on computers belonging to governments in Europe and South Asia, using software so advanced it could turn on the camera and audio-recording functions of an infected computer, allowing those watching to see and hear what was happening in a room.
About 1,300 computers were found to have been compromised. They belonged to the foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan. Hacked systems were also found in the embassies of India, South Korea, Indonesia, Romania, Thailand, Taiwan and Pakistan.
Some of the most extensive evidence uncovered related to the computers used by the office of the Dalai Lama and the exiled Tibetan government, which is based in the Indian Himalayan town of Dharamsala.
The office of the Dalai Lama initially contacted the researchers for help amid fears about its computers. After investigating the office's computers, the researchers discovered evidence of a much broader spy network.
"We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama," said Greg Walton, a researcher based at the University of Toronto.
No one from the Dalai Lama's office was available for comment but researchers said the spying had already affected the operation of the exiled government; after the Dalai Lama's office emailed an invitation to a foreign diplomat to visit, the Chinese government contacted the diplomat and tried to persuade them not to go. Tibetan groups said the revelations did not surprise them. Tsewang Rigzin, the president of the Tibetan Youth Congress in Dharamsala, said: "I am sure they are spying on us as well. They are spamming our email and sending us loads of junk mail."
Matt Whitticase, from the London-based Free Tibet campaign, said the number of emails sent to his organisation containing sophisticated Trojans and other malware increased during times of controversy for China. Before last summer's Olympics and during the crackdown on demonstrators in Tibet, the number spiked.
"I am not surprised by this. The Chinese government monitors any group it considers a threat. The Tibetan government in exile would definitely be one such target," he said.
The Toronto team said they could not prove the Chinese government was behind the hacking but in a separate report, those who researched spying on the Tibetan exile movement did not hesitate to point the finger.
Ross Anderson, from Cambridge University, and Shishir Nagaraja, from the University of Illinois, said the web-hosting and email services used by the Dalai Lama's office were provided by a California-based company. Examining the email server logs, they discovered a number of successful logins from IP addresses that belonged to Chinese and Hong Kong providers. None were associated with anyone from the Tibetan government's office.
They wrote: "Agents of the Chinese government compromised the computing infrastructure of the office of His Holiness the Dalai Lama ... and then downloaded sensitive data. People in Tibet may have died as a result. The compromise was detected and dealt with, but its implications are sobering. It shows how difficult it is to defend sensitive information against an opponent who uses social engineering techniques to install malware."
In 2007, Britain accused China of carrying out cyber espionage against major companies and banks.
- 2 How the language you speak changes your view of the world
- 4 Italian police 'reveal' what Jesus looked like as a young boy
'Fire at every person you see': Israeli soldiers reveal they were ordered to shoot to kill in Gaza – even if the targets may have been civilians
Italian police 'reveal' what Jesus looked like as a young boy
Who should I vote for? The Independent quiz matches best political party for undecided voters ahead of the general election
First-time buyers in London 'need to earn at least £77,000'
General Election 2015: Photographic history of Bullingdon Club tracked down - including new picture of David Cameron in his finery
In defence of liberal democracy
Over 50,000 families shipped out of London boroughs in the past three years due to welfare cuts and soaring rents
EU asylum policy is 'a direct threat to our civilisation', says Nigel Farage
The Rothschild Libel: Why has it taken 200 years for an anti-Semitic slur that emerged from the Battle of Waterloo to be dismissed?
General Election 2015: UK will be 'run for the wealthy and powerful' if Tories retain power, Labour warns
Schools forced to act as 'miniature welfare states' with teachers buying underwear and even haircuts for poor pupils
£20000 - £25000 per annum + commission: SThree: Real Staffing's Pharmaceutical...
£18000 - £25000 per annum + Commission: SThree: Are you great at building rela...
£20000 - £25000 per annum + Uncapped commission: SThree: Can you speak German,...
£25000 - £30000 per annum + benefits: Ashdown Group: An exciting opportunity f...