
Information Warfare Monitor finds spy-network based in China

By R. C. Camphausen     Apr 6, 2010 in Internet
Canadian researchers say that computers of several embassies worldwide as well as at the United Nations and the office of the Dalai Lama have been infiltrated by a cyber-space spy network originating in Chengdu, China. Beijing denies any knowledge.
An April 6 report on CNet News and articles on the BBC website reveal that a Canadian research team has been monitoring an espionage network for eight months, finding not only that it originates with two individuals in the Chinese city of Chengdu, but also that it targeted a most interesting range of governments and organizations.
The so-called Information Warfare Monitor comprises researchers from the Ottawa-based think tank SecDev Group and the University of Toronto's Munk Centre for International Studies. In a concentrated effort that took eight months, the computer specialists working in this group discovered a botnet of computers controlled from Chengdu, China, and were able to monitor a great variety of information, e-mails and classified documents that were stolen from places like the Indian government, the embassy of Pakistan in the U.S., and the ministries of foreign affairs of Iran, Bangladesh, Indonesia, the Philippines, Brunei and Bhutan.
In the case of the office of the Dalai Lama, based in India, some might imagine that downloading 1,500 'sensitive' e-mails from their computers is not world shattering, but compromised systems were also discovered in embassies of countries such as South Korea, Indonesia, Romania, Cyprus, Thailand, Germany and Pakistan. The most worrying fact of the discovery may be that the hackers were also able to access reports on missile systems in India and documents related to NATO force movements in Afghanistan.
In the now published report named Shadows in the Cloud, the researchers clearly state that there is no hard evidence of involvement in the espionage by any government, yet justified doubts do naturally exist since the news broke last year that Google and more than 30 other U.S. companies had been targeted in a similar way, especially Gmail accounts of users who were human rights activists.
In conclusion, the report states that it is an important and interesting question to see whether or not the People's Republic of China will take action to shut down the Shadow network as soon as possible.
The report is named Shadows in the Cloud because the research has shown that the botnet exploited social networking and cloud computing platforms, including Google, Baidu, Yahoo, and Twitter, to infect computers with its malicious software. The hackers also exploited so-called holes in Adobe PDF documents and in Microsoft Word and PowerPoint software.