In what will come as no surprise to many the Information War Monitor has exposed a Chinese hacking group (the so-called GhostNet) who had infiltrated over 1000 computers in over 100 countries, 30% of which were considered to be “high-value” targets (i.e. belonging to government agencies, international organisations etc.). Perhaps most telling was the number of foreign embassy’s infected and possible targeting of Taiwan and the Dalai Lama in particular.
The Trojan horse program, typically spread through email attachments, gave the attackers complete control of the infected computers allowing them to search and download files, log keystrokes, and control attached devices such as webcams or microphones. Command servers were identified and traced to be in mainland China (Hainan, Guangdong, Sichuan and Jiangsu) as well as one in Hong Kong and the US. Hainan Island is home to the Lingshui signals intelligence facility of the People’s Liberation Army although no concrete evidence could be found to link them.
Even more worrying is the fact that because of the inherent insecurity of the Internet’s design almost anyone can mount a cyber-attack with easily downloadable hacking toolkits and a basic understanding of the technology. Whilst these intrusions were traceable to IP addresses in China there is no evidence to be able to say whether the activity was government-sanctioned or just a kid in his bedroom. Catching those responsible who are more likely than not on the other side of the world under different jurisdictions is almost impossible currently. China has denied any involvement and described the study as “nonsense”.
Whilst little is known of the current sophistication of cyber espionage it is believed that the US, UK, and Israel are currently leaders in this field and clearly China wants a part in it. Most previous cyberattacks such as those in the Russia-Georgia conflict have been tracked to nationalistic individuals acting alone.
The report, which covers the findings of their 10-month investigation, is fascinating reading if you’re interested in computer security and the technicalities of how these attacks work. For more on the inner mind of cybercriminal organisations in China check out The Dark Visitor blog.
6 Comments Add New Comment
Ah, good old hacker stories.
Reminds me of this great article about how one man Kaminsky found out how to turn the internet upside-down using his living-room laptop, but decided to save the world instead: http://www.wired.com/techbiz/people/magazine/16-12/ff_kaminsky
Excellent article, thanks for the link!
Hi, David, I just found the softwares here in Europe are so expensive..
In Philips, they only have common softwares, like Office. Now, everybody around uses trial versions. They said installing Photoshop for one computer need 300 Euro. They need us to use some professional software, but they don’t provide. How can people work then. I saw many people have laptops, they install illegal versions on their own laptops.But it’s unallowed to install on computers.
Software like Office and Photoshop are expensive in any country just in China it far more easier to get the pirate version so very few people are prepared to pay the full price!
Full price is really huge….I guess for universities, prices are cheaper, I can find almost all I want….But in companies, couldn’t find anything, except Office….
[…] Cyber experts have proof of the hijack. China seems to be getting more proficient at hacking the […]