Forget Big Brother, apparently it’s China we need to worry about.
Canadian researchers have discovered a major electronic spy network based mainly in China. The network, dubbed GhostNet, has infiltrated 1,295 computers in 103 countries, with a focus on the governments of Asian nations, making it the most far reaching network of this type ever found.
This report comes at the end of a ten month investigation by a team of researchers from the Information Warfare Monitor (IWM), comprised of investigators from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies, following a request from the Dalai Lama’s office regarding concerns over the security of the Tibetan exile computer network.
“We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,” said investigator Greg Walton. The researchers were quick to point out however, that there was no conclusive evidence linking this network, which has targeted foreign ministries and embassies, to the Chinese government.
The network has installed malware on the target computers, allowing whoever is controlling it to extract sensitive information and access recording devices attached to infected machines to monitor the rooms they were in, although the team from IWM are unsure whether this particular feature had been used.
The IWM’s report, entitled The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement, said that while such attacks were not uncommon, that GhostNet stood out for its ability to collect “actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed”.