A group of researchers from the University of Toronto-based Monk Centre for International Studies have discovered a massive spy system infiltrating more than 1,200 computer systems worldwide, including those of the offices of the Dalai Lama.
Dubbed by the team that found it as “GhostNet”, the system traces back to four servers–three of which are located in China, and one in Southern California.The researchers who unearthed GhostNet had been asked by the office of the Dalai Lama to investigate whether their systems had been compromised by malicious software. What they uncovered was much larger than they could have suspected.
The spy operation has gained control of “at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices”, reported The New York Times.
The malware is remarkable both for its sweep–in computer jargon, it has not been merely “phishing” for random consumers’ information, but “whaling” for particular important targets–and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-recording functions of an infected computer, enabling monitors to see and hear what goes on in a room. The investigators say they do not know if this facet has been employed.
There has been no direct connection found between the spy network and the Chinese Government, and the researchers admit that despite the majority of the servers tracing back to locations in China, it could just as easily be run by the CIA, the Russians, a for-profit third-party agency, or a group of Chinese “patriotic hackers“.What does seem clear is that information mined by GhostNet has come into the hands of the powers that be:
The electronic spy game has had at least some real-world impact, they said. For example, they said, after an email invitation was sent by the Dalai Lama’s office to a foreign diplomat, the Chinese Government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations, and warned to stop her political activities.
For more information, check out the full report: “Tracking GhostNet: Investigating a cyber espionage network.” Incidentally, one member of the Munk Centre team that discovered GhostNet is Nart Villeneuve, who also uncovered that the Chinese version of Skype was spying on its users–I don’t know what we should give this guy first, an award or a bullet-proof vest.
(h/t @CandidGroup)