A cyber spy network based mainly in China hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles, Canadian researchers said on Saturday.
The work of the Information Warfare Monitor (IMW) initially focused on allegations of Chinese cyber espionage against the Tibetan 苞ommunity-in-exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said.
?e uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,?investigator Greg Walton said.
The research group said that while its analysis points to China as the main source of the network, it has not conclusively been able to detect the identity or motivation of the hackers.
Calls to China? Foreign Ministry and Industry and Information Ministry rang unanswered yesterday. The Chinese consulate in Toronto did not immediately return calls for comment on Saturday.
Students For a Free Tibet activist Bhutila Karpoche said her organization? computers have been hacked into numerous times over the past four or five years and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group? computers.
The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto? Munk Centre for International Studies. The group? initial findings led to a 10-month investigation summarized in the report Tracking ?hostNet? Investigating a Cyber Espionage Network, released online yesterday.
The researchers detected a cyber espionage network involving more than 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
Once the hackers infiltrated the systems, they gained control using malware ?software they install on the compromised computers ?and sent and received data from them, the researchers said.
The researchers said they believed that in addition to spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries.
Intelligence analysts say that many governments, including those of China, Russia and the US use sophisticated computer programs to covertly gather information.
The newly reported spying operation is by far the largest to come to light in terms of countries affected. The malware is remarkable both for its sweep ?in computer jargon, it has not been merely ?hishing?for random consumers?information, but ?haling?for particular important targets ?and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-訃ecording functions of an infected computer, enabling monitors to see and hear what goes on in a room.
The electronic spy game has had at least some real-world impact, they said. For example, they said after an e-mail invitation was sent by the Dalai Lama? office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.
Two researchers at Cambridge University in the UK who worked on the part of the investigation related to the Tibetans also released their own report yesterday.
In an online abstract for The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement Shishir Nagaraja and Ross Anderson wrote that while malware attacks were not new, these attacks should be noted for their ability to collect ?ctionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed.?br />
They said prevention against such attacks would be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures.
The Tracking ?hostNet?report is available at www.tracking-ghost.net.
The Snooping Dragon report is available at www.www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf.
US President Donald Trump yesterday announced sweeping "reciprocal tariffs" on US trading partners, including a 32 percent tax on goods from Taiwan that is set to take effect on Wednesday. At a Rose Garden event, Trump declared a 10 percent baseline tax on imports from all countries, with the White House saying it would take effect on Saturday. Countries with larger trade surpluses with the US would face higher duties beginning on Wednesday, including Taiwan (32 percent), China (34 percent), Japan (24 percent), South Korea (25 percent), Vietnam (46 percent) and Thailand (36 percent). Canada and Mexico, the two largest US trading
AIR SUPPORT: The Ministry of National Defense thanked the US for the delivery, adding that it was an indicator of the White House’s commitment to the Taiwan Relations Act Deputy Minister of National Defense Po Horng-huei (柏鴻輝) and Representative to the US Alexander Yui on Friday attended a delivery ceremony for the first of Taiwan’s long-awaited 66 F-16C/D Block 70 jets at a Lockheed Martin Corp factory in Greenville, South Carolina. “We are so proud to be the global home of the F-16 and to support Taiwan’s air defense capabilities,” US Representative William Timmons wrote on X, alongside a photograph of Taiwanese and US officials at the event. The F-16C/D Block 70 jets Taiwan ordered have the same capabilities as aircraft that had been upgraded to F-16Vs. The batch of Lockheed Martin
GRIDLOCK: The National Fire Agency’s Special Search and Rescue team is on standby to travel to the countries to help out with the rescue effort A powerful earthquake rocked Myanmar and neighboring Thailand yesterday, killing at least three people in Bangkok and burying dozens when a high-rise building under construction collapsed. Footage shared on social media from Myanmar’s second-largest city showed widespread destruction, raising fears that many were trapped under the rubble or killed. The magnitude 7.7 earthquake, with an epicenter near Mandalay in Myanmar, struck at midday and was followed by a strong magnitude 6.4 aftershock. The extent of death, injury and destruction — especially in Myanmar, which is embroiled in a civil war and where information is tightly controlled at the best of times —
China's military today said it began joint army, navy and rocket force exercises around Taiwan to "serve as a stern warning and powerful deterrent against Taiwanese independence," calling President William Lai (賴清德) a "parasite." The exercises come after Lai called Beijing a "foreign hostile force" last month. More than 10 Chinese military ships approached close to Taiwan's 24 nautical mile (44.4km) contiguous zone this morning and Taiwan sent its own warships to respond, two senior Taiwanese officials said. Taiwan has not yet detected any live fire by the Chinese military so far, one of the officials said. The drills took place after US Secretary