A cyber spy network based mainly in China hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles, Canadian researchers said on Saturday.
The work of the Information Warfare Monitor (IMW) initially focused on allegations of Chinese cyber espionage against the Tibetan 苞ommunity-in-exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said.
?e uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,?investigator Greg Walton said.
The research group said that while its analysis points to China as the main source of the network, it has not conclusively been able to detect the identity or motivation of the hackers.
Calls to China? Foreign Ministry and Industry and Information Ministry rang unanswered yesterday. The Chinese consulate in Toronto did not immediately return calls for comment on Saturday.
Students For a Free Tibet activist Bhutila Karpoche said her organization? computers have been hacked into numerous times over the past four or five years and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group? computers.
The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto? Munk Centre for International Studies. The group? initial findings led to a 10-month investigation summarized in the report Tracking ?hostNet? Investigating a Cyber Espionage Network, released online yesterday.
The researchers detected a cyber espionage network involving more than 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
Once the hackers infiltrated the systems, they gained control using malware ?software they install on the compromised computers ?and sent and received data from them, the researchers said.
The researchers said they believed that in addition to spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries.
Intelligence analysts say that many governments, including those of China, Russia and the US use sophisticated computer programs to covertly gather information.
The newly reported spying operation is by far the largest to come to light in terms of countries affected. The malware is remarkable both for its sweep ?in computer jargon, it has not been merely ?hishing?for random consumers?information, but ?haling?for particular important targets ?and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-訃ecording functions of an infected computer, enabling monitors to see and hear what goes on in a room.
The electronic spy game has had at least some real-world impact, they said. For example, they said after an e-mail invitation was sent by the Dalai Lama? office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.
Two researchers at Cambridge University in the UK who worked on the part of the investigation related to the Tibetans also released their own report yesterday.
In an online abstract for The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement Shishir Nagaraja and Ross Anderson wrote that while malware attacks were not new, these attacks should be noted for their ability to collect ?ctionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed.?br />
They said prevention against such attacks would be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures.
The Tracking ?hostNet?report is available at www.tracking-ghost.net.
The Snooping Dragon report is available at www.www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf.
The Taipei MRT is open all night tonight following New Year’s Eve festivities, and is offering free rides from nearby Green Line stations. Taipei’s 2025 New Year’s Eve celebrations kick off at Taipei City Hall Square tonight, with performances from the boy band Energy, the South Korean girl group Apink, and singers Gigi Leung (梁詠琪) and Faith Yang (楊乃文). Taipei 101’s annual New Year’s firework display follows at midnight, themed around Taiwan’s Premier12 baseball championship. Estimates say there will be about 200,000 people in attendance, which is more than usual as this year’s celebrations overlap with A-mei’s (張惠妹) concert at Taipei Dome. There are
NEW YEAR’S ADDRESS: ‘No matter what threats and challenges Taiwan faces, democracy is the only path,’ William Lai said, urging progress ‘without looking back’ President William Lai (賴清德) yesterday urged parties across the political divide to democratically resolve conflicts that have plagued domestic politics within Taiwan’s constitutional system. In his first New Year’s Day address since becoming president on May 20 last year, Lai touched on several issues, including economic and security challenges, but a key emphasis was on the partisan wrangling that has characterized his first seven months in office. Taiwan has transformed from authoritarianism into today’s democracy and that democracy is the future, Lai said. “No matter what threats and challenges Taiwan faces, democracy is the only path for Taiwan,” he said. “The only choice
CORRUPTION: Twelve other people were convicted on charges related to giving illegal benefits, forgery and money laundering, with sentences ranging from one to five years The Yilan District Court yesterday found Yilan County Commissioner Lin Zi-miao (林姿妙) guilty of corruption, sentencing her to 12 years and six months in prison. The Yilan District Prosecutors’ Office in 2022 indicted 10 government officials and five private individuals, including Lin, her daughter and a landowner. Lin was accused of giving illegal favors estimated to be worth NT$2.4 million (US$73,213) in exchange for using a property to conduct activities linked to the 2020 Chinese Nationalist Party (KMT) presidential and legislative election campaigns. Those favors included exempting some property and construction firms from land taxes and building code contraventions that would have required
TECH CORRIDOR: Technology centers and science parks in the south would be linked, bolstering the AI, semiconductor, biotech, drone, space and smart agriculture industries The Executive Yuan yesterday approved a “Southern Silicon Valley” project to promote the development of an artificial intelligence (AI) and semiconductor industry in Chiayi County, Tainan, Pingtung County and Kaohsiung. The plan would build an integrated “S-shaped semiconductor industry corridor” that links technology centers and science parks in the south, Executive Yuan spokesperson Michelle Lee (李慧芝) said yesterday after a Cabinet meeting. The project would bolster the AI, semiconductor, biotech, drone, space and smart agriculture industries, she said. The proposed tech corridor would be supported by government efforts to furnish computing power, workforce, supply chains and policy measures that encourage application and integration
RSS