A cyber spy network based mainly in China hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles, Canadian researchers said on Saturday.
The work of the Information Warfare Monitor (IMW) initially focused on allegations of Chinese cyber espionage against the Tibetan 苞ommunity-in-exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said.
?e uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,?investigator Greg Walton said.
The research group said that while its analysis points to China as the main source of the network, it has not conclusively been able to detect the identity or motivation of the hackers.
Calls to China? Foreign Ministry and Industry and Information Ministry rang unanswered yesterday. The Chinese consulate in Toronto did not immediately return calls for comment on Saturday.
Students For a Free Tibet activist Bhutila Karpoche said her organization? computers have been hacked into numerous times over the past four or five years and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group? computers.
The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto? Munk Centre for International Studies. The group? initial findings led to a 10-month investigation summarized in the report Tracking ?hostNet? Investigating a Cyber Espionage Network, released online yesterday.
The researchers detected a cyber espionage network involving more than 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
Once the hackers infiltrated the systems, they gained control using malware ?software they install on the compromised computers ?and sent and received data from them, the researchers said.
The researchers said they believed that in addition to spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries.
Intelligence analysts say that many governments, including those of China, Russia and the US use sophisticated computer programs to covertly gather information.
The newly reported spying operation is by far the largest to come to light in terms of countries affected. The malware is remarkable both for its sweep ?in computer jargon, it has not been merely ?hishing?for random consumers?information, but ?haling?for particular important targets ?and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-訃ecording functions of an infected computer, enabling monitors to see and hear what goes on in a room.
The electronic spy game has had at least some real-world impact, they said. For example, they said after an e-mail invitation was sent by the Dalai Lama? office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.
Two researchers at Cambridge University in the UK who worked on the part of the investigation related to the Tibetans also released their own report yesterday.
In an online abstract for The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement Shishir Nagaraja and Ross Anderson wrote that while malware attacks were not new, these attacks should be noted for their ability to collect ?ctionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed.?br />
They said prevention against such attacks would be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures.
The Tracking ?hostNet?report is available at www.tracking-ghost.net.
The Snooping Dragon report is available at www.www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf.
AIR SUPPORT: The Ministry of National Defense thanked the US for the delivery, adding that it was an indicator of the White House’s commitment to the Taiwan Relations Act Deputy Minister of National Defense Po Horng-huei (柏鴻輝) and Representative to the US Alexander Yui on Friday attended a delivery ceremony for the first of Taiwan’s long-awaited 66 F-16C/D Block 70 jets at a Lockheed Martin Corp factory in Greenville, South Carolina. “We are so proud to be the global home of the F-16 and to support Taiwan’s air defense capabilities,” US Representative William Timmons wrote on X, alongside a photograph of Taiwanese and US officials at the event. The F-16C/D Block 70 jets Taiwan ordered have the same capabilities as aircraft that had been upgraded to F-16Vs. The batch of Lockheed Martin
GRIDLOCK: The National Fire Agency’s Special Search and Rescue team is on standby to travel to the countries to help out with the rescue effort A powerful earthquake rocked Myanmar and neighboring Thailand yesterday, killing at least three people in Bangkok and burying dozens when a high-rise building under construction collapsed. Footage shared on social media from Myanmar’s second-largest city showed widespread destruction, raising fears that many were trapped under the rubble or killed. The magnitude 7.7 earthquake, with an epicenter near Mandalay in Myanmar, struck at midday and was followed by a strong magnitude 6.4 aftershock. The extent of death, injury and destruction — especially in Myanmar, which is embroiled in a civil war and where information is tightly controlled at the best of times —
Taiwan was ranked the fourth-safest country in the world with a score of 82.9, trailing only Andorra, the United Arab Emirates and Qatar in Numbeo’s Safety Index by Country report. Taiwan’s score improved by 0.1 points compared with last year’s mid-year report, which had Taiwan fourth with a score of 82.8. However, both scores were lower than in last year’s first review, when Taiwan scored 83.3, and are a long way from when Taiwan was named the second-safest country in the world in 2021, scoring 84.8. Taiwan ranked higher than Singapore in ninth with a score of 77.4 and Japan in 10th with
SECURITY RISK: If there is a conflict between China and Taiwan, ‘there would likely be significant consequences to global economic and security interests,’ it said China remains the top military and cyber threat to the US and continues to make progress on capabilities to seize Taiwan, a report by US intelligence agencies said on Tuesday. The report provides an overview of the “collective insights” of top US intelligence agencies about the security threats to the US posed by foreign nations and criminal organizations. In its Annual Threat Assessment, the agencies divided threats facing the US into two broad categories, “nonstate transnational criminals and terrorists” and “major state actors,” with China, Russia, Iran and North Korea named. Of those countries, “China presents the most comprehensive and robust military threat