China-Based CyberSpy Ring Hacks Asian Governments

Canadian researchers say they have uncovered a global cyberspy network that snoops into government computers, and is based mainly in China. The researchers say they have no evidence Beijing is behind the ring and authorities have denied it, too, but their report is bound to stir up old suspicions, and especially as it was prompted by a request from the Dalai Lama to check whether the computers of his exiled organization had been hacked.

What the subsequent 10-month investigation by Information Warfare Monitor, which comprises researchers from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies, found was that 1,295 computers in 103 countries had been infiltrated, including machines in the foreign ministries of eight countries and various embassies of 11 more. The cyberattacks were mainly against Asian governments. Computers of international organizations, non-government organizations and news media were also hacked, the researchers say.

The cyberspies were able to take control of compromised computers and to send and receive classified data from them, creating a surveillance system the researchers dubbed GhostNet after the ghOst RAT trojan horse malware that was used, and which they traced back to commercial internet access accounts located on Hainan Island.

From the IWM report:

While our analysis reveals that numerous politically sensitive and high value computer systems were compromised in ways that circumstantially point to China as the culprit, we do not know the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. One of the characteristics of cyber-attacks of the sort we document here is the ease by which attribution can be obscured.

Regardless of who or what is ultimately in control of GhostNet, it is the capabilities of exploitation, and the strategic intelligence that can be harvested from it, which matters most. Indeed, although the Achilles’ heel of the GhostNet system allowed us to monitor and document its far-reaching network of infiltration, we can safely hypothesize that it is neither the first nor the only one of its kind.

2 Comments

Filed under Politics & Society

2 responses to “China-Based CyberSpy Ring Hacks Asian Governments

  1. If hackers are able to hack in the system of governments, I believe that they aren’t safe enough and they need more protection against the smart hackers. Since it is highly confidential information what is on those computer systems, they must be more careful with their protection system.

    I’ve also been hacked by amateurs. Nothing terrible happened and I changed my security password but it is really annoying when it happens to you. I can only image what it means if some important information is released that shouldn’t be. I hope that the governments can come up with a good solution to make sure that it will never happen again in the future.

  2. Pingback: Nanjing’s Not So Secret Espionage Museum « China Bystander

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s