A cyber spy network based mainly in China hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles, Canadian researchers said on Saturday.
The work of the Information Warfare Monitor (IMW) initially focused on allegations of Chinese cyber espionage against the Tibetan 苞ommunity-in-exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said.
?e uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,?investigator Greg Walton said.
The research group said that while its analysis points to China as the main source of the network, it has not conclusively been able to detect the identity or motivation of the hackers.
Calls to China? Foreign Ministry and Industry and Information Ministry rang unanswered yesterday. The Chinese consulate in Toronto did not immediately return calls for comment on Saturday.
Students For a Free Tibet activist Bhutila Karpoche said her organization? computers have been hacked into numerous times over the past four or five years and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group? computers.
The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto? Munk Centre for International Studies. The group? initial findings led to a 10-month investigation summarized in the report Tracking ?hostNet? Investigating a Cyber Espionage Network, released online yesterday.
The researchers detected a cyber espionage network involving more than 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
Once the hackers infiltrated the systems, they gained control using malware ?software they install on the compromised computers ?and sent and received data from them, the researchers said.
The researchers said they believed that in addition to spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries.
Intelligence analysts say that many governments, including those of China, Russia and the US use sophisticated computer programs to covertly gather information.
The newly reported spying operation is by far the largest to come to light in terms of countries affected. The malware is remarkable both for its sweep ?in computer jargon, it has not been merely ?hishing?for random consumers?information, but ?haling?for particular important targets ?and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-訃ecording functions of an infected computer, enabling monitors to see and hear what goes on in a room.
The electronic spy game has had at least some real-world impact, they said. For example, they said after an e-mail invitation was sent by the Dalai Lama? office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.
Two researchers at Cambridge University in the UK who worked on the part of the investigation related to the Tibetans also released their own report yesterday.
In an online abstract for The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement Shishir Nagaraja and Ross Anderson wrote that while malware attacks were not new, these attacks should be noted for their ability to collect ?ctionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed.?br />
They said prevention against such attacks would be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures.
The Tracking ?hostNet?report is available at www.tracking-ghost.net.
The Snooping Dragon report is available at www.www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf.
RETHINK? The defense ministry and Navy Command Headquarters could take over the indigenous submarine project and change its production timeline, a source said Admiral Huang Shu-kuang’s (黃曙光) resignation as head of the Indigenous Submarine Program and as a member of the National Security Council could affect the production of submarines, a source said yesterday. Huang in a statement last night said he had decided to resign due to national security concerns while expressing the hope that it would put a stop to political wrangling that only undermines the advancement of the nation’s defense capabilities. Taiwan People’s Party Legislator Vivian Huang (黃珊珊) yesterday said that the admiral, her older brother, felt it was time for him to step down and that he had completed what he
Taiwan has experienced its most significant improvement in the QS World University Rankings by Subject, data provided on Sunday by international higher education analyst Quacquarelli Symonds (QS) showed. Compared with last year’s edition of the rankings, which measure academic excellence and influence, Taiwanese universities made great improvements in the H Index metric, which evaluates research productivity and its impact, with a notable 30 percent increase overall, QS said. Taiwanese universities also made notable progress in the Citations per Paper metric, which measures the impact of research, achieving a 13 percent increase. Taiwanese universities gained 10 percent in Academic Reputation, but declined 18 percent
UNDER DISCUSSION: The combatant command would integrate fast attack boat and anti-ship missile groups to defend waters closest to the coastline, a source said The military could establish a new combatant command as early as 2026, which would be tasked with defending Taiwan’s territorial waters 24 nautical miles (44.4km) from the nation’s coastline, a source familiar with the matter said yesterday. The new command, which would fall under the Naval Command Headquarters, would be led by a vice admiral and integrate existing fast attack boat and anti-ship missile groups, along with the Naval Maritime Surveillance and Reconnaissance Command, said the source, who asked to remain anonymous. It could be launched by 2026, but details are being discussed and no final timetable has been announced, the source
CHINA REACTS: The patrol and reconnaissance plane ‘transited the Taiwan Strait in international airspace,’ the 7th Fleet said, while Taipei said it saw nothing unusual The US 7th Fleet yesterday said that a US Navy P-8A Poseidon flew through the Taiwan Strait, a day after US and Chinese defense heads held their first talks since November 2022 in an effort to reduce regional tensions. The patrol and reconnaissance plane “transited the Taiwan Strait in international airspace,” the 7th Fleet said in a news release. “By operating within the Taiwan Strait in accordance with international law, the United States upholds the navigational rights and freedoms of all nations.” In a separate statement, the Ministry of National Defense said that it monitored nearby waters and airspace as the aircraft