Tech & Biz

Cyber Spy System Loots Computers in 103 Countries

by Blue Crush | March 28, 2009 at 10:43 pm

189 views | 43 Recommendations | 4 comments

A suspected cyber spy network that has stolen confidential information from the private office of the Dalai Lama and over 100 countries has been uncovered by researchers in Toronto. They include high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The researchers, who are based at the Munk Center for International Studies at the University of Toronto, had been asked by the office of the Dalai Lama, the exiled Tibetan leader whom China regularly denounces, to examine its computers for signs of malicious software, or malware.
Their sleuthing opened a window into a broader operation that, in less than two years, has infiltrated at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York.

The Information Warfare Monitor say their analysis point to China as the culprit, although they "do not know the exact motivation or the identity of the attacker(s)".

The spying could be a nonstate, for-profit operation, for example, or one run by private citizens in China known as “patriotic hackers.” “We’re a bit more careful about it, knowing the nuance of what happens in the subterranean realms,” said Ronald J. Deibert, a member of the research group and an associate professor of political science at Munk. “This could well be the C.I.A. or the Russians. It’s a murky realm that we’re lifting the lid on.”

They have notified international law-enforcement of their findings.

The compromised computers included, among many others, the ministry of foreign affairs of Iran; the embassies of India, South Korea, Indonesia, Thailand, Taiwan, Portugal, Germany and Pakistan; the ASEAN Secretariat; the Asian Development Bank; news organizations and an unclassified computer located at NATO headquarters.

Their findings, Tracking GhostNet: Investigating a Cyber Espionage Network, can be downloaded here.

0 See all footage | View Slideshow

Share: email story | add to any | Digg | facebook | stumbleupon

recommend This comment thread is now closed

Pythiian1

at 10:19 on March 29th, 2009

Great catch on this piece, Blue Crush, as I was reading all the details earlier.

Thank goodness for the white hats...Villeneuve and others.

Blue Crush

at 10:46 on March 29th, 2009

Thanks, Pythiian. I'd never heard of that term until I read that article.

Here they are ... the white hats in this case.

Pythiian1

at 10:52 on March 29th, 2009

You're welcome, Blue Crush. Sometimes, the former black-hats reform themselves to become white-hats too ... They're in great demands everywhere so it's more lucrative to be white hats.