Chinese Hackers Penetrate Foreign Computer Systems
In a 10-month investigation into Chinese cyber espionage against Tibetan institutions, researchers found that hackers tapped into foreign embassies, ministries of foreign affairs, and international organizations.
Security investigators from the Information Warfare Monitor (IWM), a public-private venture between a Canadian think tank and an academic group at the University of Toronto, found a network of 1,295 infected hosts in 103 countries. The investigators were asked by the Dalai Lama, the Tibetan Government in Exile, and others to investigate computer systems.
GhostNet Found
Researchers revealed a malware-based cyber espionage network called GhostNet. The discovery showed insecure, Web-based interfaces to four control servers that let operators send information to and receive information from compromised computers, according to a 53-page report. Audio and video hardware were also controlled, according to the report.
Although the network is small, the concentration of high-value systems is significant.
Nearly 30 percent of the computers being controlled belonged to ministries of foreign affairs of Iran, Taiwan, Tibet and several other countries; the Asian Development Bank; and unclassified computers at NATO headquarters.
Principal investigators Ron Deibert and Rafal Rohozinski said their research serves as a world wake-up call on how easily someone can create a spynet and shows how policymakers and the information-security community need to come to terms with the problem.
Path Leads to China
Security researchers were able to confirm that computers were being controlled in real time from commercial Internet access accounts on the island of Hainan, in the People’s Republic of China.
They were, however, not able to confirm whether the hackers intentionally penetrated the hosts or if the sensitive information to which they had access was exploited for commercial or intelligence value.
IP addresses assigned to the People’s Republic of China have linked with connections to infected computers, but the IWM said that isn’t enough to point fingers at China because…
Related posts:
