Sunday, March 29, 2009

Chinese Operating "Ghost Net" Spying Network

Paranoia runs deep apparently... from the New York Times...


In a report provided to the newspaper, a team from the Munk Center for International Studies in Toronto said at least 1,295 computers in 103 countries had been breached in less than two years by the spy system, which it dubbed GhostNet.

Embassies, foreign ministries, government offices and the Dalai Lama's Tibetan exile centers in India, Brussels, London and New York were among those infiltrated, said the researchers, who have detected computer espionage in the past.

They found no evidence U.S. government offices were breached.

The researchers concluded that computers based almost exclusively in China were responsible for the intrusions, although they stopped short of saying the Chinese government was involved in the system, which they described as still active.

"We're a bit more careful about it, knowing the nuance of what happens in the subterranean realms," saidRonald Deibert, a member of the Munk research group, based at the University of Toronto.

"This could well be the CIA or the Russians. It's a murky realm that we're lifting the lid on."

A spokesman for the Chinese Consulate in New York dismissed the idea China was involved. "These are old stories and they are nonsense," the spokesman, Wenqi Gao, told the Times. "The Chinese government is opposed to and strictly forbids any cybercrime."

The Toronto researchers began their sleuthing after a request from the office of the Dalai Lama, the exiledTibetan spiritual leader, to examine its computers for signs of malicious software, or malware.

The network they found possessed remarkable "Big Brother-style" capabilities, allowing it, among other things, to turn on the camera and audio-recording functions of infected computers for potential in-room monitoring, the report said.

The system was focused on the governments of South Asian and Southeast Asian nations as well as on the Dalai Lama, the researchers said, adding that computers at the Indian Embassy in Washington were infiltrated and a NATO computer monitored.

The report will be published in Information Warfare Monitor, an online publication linked to the Munk Center.

At the same time, two computer researchers at Cambridge University in Britain who worked on the part of the investigation related to the Tibetans are releasing an independent report, the Times said.

They do fault China and warned that other hackers could adopt similar tactics, the Times added.