E-spies target 103 countries
Chinese Hackers Steal Data From Dalai Lama's Office, Indian Embassy & Others
Toronto: A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded.
In a report, the researchers said that the system was being controlled from computers based almost exclusively in China, but added that they could not say conclusively that the Chinese government was involved.
The researchers, who are based at the Munk Center for International Studies at the University of Toronto, had been asked by the office of the Dalai Lama, the exiled Tibetan leader whom China regularly denounces, to examine its computers for signs of malicious software, or malware.
Their sleuthing opened a window into a broader operation that, in less than two years, has infiltrated at
least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama's Tibetan exile centres in India, Brussels, London and New York.
The researchers, who have a record of detecting computer espionage, said they believed that in addition to spying on the Dalai Lama, the system, which they called Ghost-Net, was focused on the governments of many South Asian and Southeast Asian countries.
They said they had found no evidence that US government offices had been infiltrated, although a NATO computer was monitored by the spies for half a day and computers of the Indian embassy in Washington were infiltrated. NYT NEWS SERVICE
WORLD WIDE WEB: TRACKING GHOSTNET
The Canadian researchers concluded that the entire system—the largest uncovered so far—was being controlled from computers based almost exclusively in China
The trail began when the office of the Dalai Lama asked the researchers to examine its computers for signs of malicious software, or malware
The malware not only hunts for important files but also turns on the camera and audio-recording functions of an infected computer, enabling monitors to see and hear what goes on in a room
In addition to the Tibetan leader-in-exile, the spies were focused on the governments of South Asian and Southeast Asian countries Specific e-mail from Dalai's office stolen
Toronto: Intelligence analysts say many governments, including those of China, Russia and the US, and other parties use sophisticated computer programs to covertly gather information.
The newly reported spying operation is by far the largest to come to light in terms of countries affected. This is also the first time researchers have exposed the workings of a computer system used in an intrusion of this magnitude.
The researchers were able to monitor the commands given to infected computers and to see the names of documents retrieved by the spies, but in most cases the contents of the stolen files have not been determined. Working with the Tibetans, however, the researchers found that specific correspondence had been stolen and that the intruders had gained control of the electronic mail server computers of the Dalai Lama's organization.
They said, after an email invitation was sent by the Dalai Lamas office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities. NYT NEWS SERVICE