Jump to content

GhostNet: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
clarify
No edit summary
Line 9: Line 9:
Compromised systems were discovered in the [[Embassy|embassies]] of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan and [[Foreign ministry|foreign ministries]] of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan were also targeted.<ref name=bbc>{{cite news| title=Major cyber spy network uncovered | url=http://news.bbc.co.uk/1/hi/world/americas/7970471.stm | publisher=[[BBC News]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref><ref name=Reuters>{{cite news| title=Canadians find vast computer spy network: report | url=http://www.reuters.com/article/newsOne/idUSTRE52R2HQ20090328 | publisher=[[Reuters]] | date=March 28, 2009 | accessdate=March 29, 2009}}</ref> No evidence was found that [[U.S.]] or [[U.K.]] government offices were infiltrated, although a NATO computer was monitored for half a day and the computers of the Indian embassy in [[Washington, D.C.]], were infiltrated.<ref name=Reuters/><ref>{{cite news| title=Spying operation by China infiltrated computers: Report | url=http://www.thehindubusinessline.com/blnus/10291335.htm | publisher=[[The Hindu]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref><ref name="nato">{{cite news| title='World's biggest cyber spy network' snoops on classified documents in 103 countries | url=http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece | publisher=[[The Times]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref>
Compromised systems were discovered in the [[Embassy|embassies]] of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan and [[Foreign ministry|foreign ministries]] of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan were also targeted.<ref name=bbc>{{cite news| title=Major cyber spy network uncovered | url=http://news.bbc.co.uk/1/hi/world/americas/7970471.stm | publisher=[[BBC News]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref><ref name=Reuters>{{cite news| title=Canadians find vast computer spy network: report | url=http://www.reuters.com/article/newsOne/idUSTRE52R2HQ20090328 | publisher=[[Reuters]] | date=March 28, 2009 | accessdate=March 29, 2009}}</ref> No evidence was found that [[U.S.]] or [[U.K.]] government offices were infiltrated, although a NATO computer was monitored for half a day and the computers of the Indian embassy in [[Washington, D.C.]], were infiltrated.<ref name=Reuters/><ref>{{cite news| title=Spying operation by China infiltrated computers: Report | url=http://www.thehindubusinessline.com/blnus/10291335.htm | publisher=[[The Hindu]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref><ref name="nato">{{cite news| title='World's biggest cyber spy network' snoops on classified documents in 103 countries | url=http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece | publisher=[[The Times]] | date=March 29, 2009 | accessdate=March 29, 2009}}</ref>


The researchers could not conclude that the [[Government of the People's Republic of China|Chinese government]] is responsible for the spy network, and noted alternative possibilities such as a operation run by private citizens in China for profit or for [[patriotic]] reasons, or intelligence agencies from another country.<ref name="NY-TIMES"/> The Chinese government has denied any involvement.<ref name=bbc/> However, an independent report from researchers at [[Cambridge University]] says they believe that the Chinese government is indeed behind the attacks.<ref>{{cite web | url = http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf | title = The snooping dragon: social-malware surveillance of the Tibetan movement | first = Shishir | last = Nagaraja | coauthors = Ross Anderson | publisher = Computer Laboratory, University of Cambridge | date = March 2009 | format = PDF }}</ref>
The researchers could not conclude that the [[Government of the People's Republic of China|Chinese government]] is responsible for the spy network, and noted alternative possibilities such as an operation run by private citizens in China for profit or for patriotic reasons, or intelligence agencies from another country.<ref name="NY-TIMES"/> The Chinese government has denied any involvement.<ref name=bbc/> However, an independent report from researchers at [[Cambridge University]] says they believe that the Chinese government is indeed behind the attacks.<ref>{{cite web | url = http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf | title = The snooping dragon: social-malware surveillance of the Tibetan movement | first = Shishir | last = Nagaraja | coauthors = Ross Anderson | publisher = Computer Laboratory, University of Cambridge | date = March 2009 | format = PDF }}</ref>


==References==
==References==

Revision as of 19:24, 29 March 2009

GhostNet is an electronic spying operation based mainly in the People's Republic of China which has infiltrated at least 1,295 computers in 103 countries, including many belonging to banks, foreign embassies, foreign ministries and other government offices, and the Dalai Lama's Tibetan exile centers in India, Brussels, London, and New York City.[1]

GhostNet was discovered by researchers at the University of Toronto's Munk Centre for International Studies in collaboration with the University of Cambridge's Computer Laboratory after a 10-month investigation, and its workings were reported by The New York Times on March 29, 2009.[1][2] Investigators focused initially on allegations of Chinese cyber-espionage against the Tibetan exile community, but led to a much wider network of compromised machines.

GhostNet possesses capabilities allowing it to turn on the camera and audio-recording functions of infected computers. The system enables its controllers to disseminate malware to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.[1]

Compromised systems were discovered in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan and foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan were also targeted.[3][4] No evidence was found that U.S. or U.K. government offices were infiltrated, although a NATO computer was monitored for half a day and the computers of the Indian embassy in Washington, D.C., were infiltrated.[4][5][6]

The researchers could not conclude that the Chinese government is responsible for the spy network, and noted alternative possibilities such as an operation run by private citizens in China for profit or for patriotic reasons, or intelligence agencies from another country.[1] The Chinese government has denied any involvement.[3] However, an independent report from researchers at Cambridge University says they believe that the Chinese government is indeed behind the attacks.[7]

References

  1. ^ a b c d "Vast Spy System Loots Computers in 103 Countries". New York Times. March 28, 2009. Retrieved March 29, 2009.
  2. ^ "Researchers: Cyber spies break into govt computers". Associated Press. March 29, 2009. Retrieved March 29, 2009.
  3. ^ a b "Major cyber spy network uncovered". BBC News. March 29, 2009. Retrieved March 29, 2009.
  4. ^ a b "Canadians find vast computer spy network: report". Reuters. March 28, 2009. Retrieved March 29, 2009.
  5. ^ "Spying operation by China infiltrated computers: Report". The Hindu. March 29, 2009. Retrieved March 29, 2009.
  6. ^ "'World's biggest cyber spy network' snoops on classified documents in 103 countries". The Times. March 29, 2009. Retrieved March 29, 2009.
  7. ^ Nagaraja, Shishir (March 2009). "The snooping dragon: social-malware surveillance of the Tibetan movement" (PDF). Computer Laboratory, University of Cambridge. {{cite web}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)