
A Year's Further Research On an Espionage Network

kdawson posted more than 4 years ago | from the ghostnet's-successor dept.

The Internet 61

Mortimer.CA writes "Last year researchers discovered a giant electronic spying operation they dubbed GhostNet. Now, after a further year's worth of research, Infowar Monitor has released a new report. The report (Scribbed PDF) documents a complex ecosystem of cyber espionage that systematically targeted and compromised computer systems in India, the Offices of the Dalai Lama, the United Nations, and several other countries. While the servers are in China, the report's authors say that there is 'no evidence in this report of the involvement of the People's Republic of China or any other government in the shadow network.' Furthermore, the 'intruders even stole documents related to the travel of NATO forces in Afghanistan, illustrating that even though the Indian government was the primary target of the attacks, one gap in computer security can leave many nations exposed.'"


61 comments


first post... (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31751250)

sorry had to do it

Re:first post... (0)

Anonymous Coward | more than 4 years ago | (#31755270)

That's usually an excuse used by an extrovert suffering from feelings of inadequacy.

Scumbags (0, Troll)

Gunningthegreen (1707112) | more than 4 years ago | (#31751288)

Just the sort of things these scumbags engage in... http://www.cbc.ca/canada/story/2010/04/06/cyber-espionage-research.html [www.cbc.ca]

Re:Scumbags (0, Redundant)

sopssa (1498795) | more than 4 years ago | (#31751894)

What scumbags? The article directly says there's no links to any government, Chinese or other.

But I think there might be more to it. If it were Chinese super hackers, either working alone or the government, wouldn't you think it would be kind of stupid to leave all the traces pointing to China? After all we are on the Internet and it wouldn't be too hard to locate your servers elsewhere in the world. That makes me suspect Chinese have nothing to do with it, but it's either some other nation using Chinese as a gateway and making them get the heat, or it's someone trying to make Chinese image bad. That's what politics are, playing dirty. When you make Chinese look like bad guys you can get more support for yourself.

Re:Scumbags (1)

maxume (22995) | more than 4 years ago | (#31752034)

It's the Chinese. They left traces pointing to China so you would suspect that it was someone else.

Re:Scumbags (0)

sopssa (1498795) | more than 4 years ago | (#31752106)

> It's the Chinese. They left traces pointing to China so you would suspect that it was someone else.

Yeah because that will definitely work outside movies too.

Re:Scumbags (0)

Anonymous Coward | more than 4 years ago | (#31752042)

It could be US. They want ACTA and more strict world power. This is a good way to justify their actions. Just like Iraq war.

Re:Scumbags (2, Interesting)

Anonymous Coward | more than 4 years ago | (#31752058)

> That makes me suspect Chinese have nothing to do with it, but it's either some other nation using Chinese as a gateway and making them get the heat, or it's someone trying to make Chinese image bad.

I wouldn't say Chinese aren't involved; instead I think the article confirms what's widely known in the hacking world but seems to be distorted in press every time a hacking ring is traced to China.

These hackers, whoever they are, are motivated by profit. Instead of stealing bank information they're stealing strategic information (missile placements, defense protocol, etc.) and then selling it for profit to whoever wants it, be it the Chinese government or maybe India's archrival Pakistan or corporations with businesses in India.

There's a tendency to see China as some kind of monolithic entity, meaning if a Chinese person did something then "China" must have done it, but peel away the generalizations and as the article states there's different groups with different goals at work.

Too many articles (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31751292)

I'll wait for the movie.

Ooooh! The Dalai Lama! (4, Interesting)

oldspewey (1303305) | more than 4 years ago | (#31751464)

I continue to get a kick out of the Chinese government's fixation on the Dalai Lama. If the whole thing didn't involve the theft of a nation and the brutal repression of the Tibetan people, the situation would be hilarious in a Monthy Python sort of way.

Re:Ooooh! The Dalai Lama! (0)

Anonymous Coward | more than 4 years ago | (#31751584)

You mean like the whole "I think she's a witch!" thing?

Re:Ooooh! The Dalai Lama! (1)

megamerican (1073936) | more than 4 years ago | (#31751600)

> I continue to get a kick out of the Chinese government's fixation on the Dalai Lama. If the whole thing didn't involve the theft of a nation and the brutal repression of the Tibetan people, the situation would be hilarious in a Monthy Python sort of way.

Or whoever is behind the attack is going after the Dalai Lama to implicate the Chinese Government.

Re:Ooooh! The Dalai Lama! (3, Insightful)

blair1q (305137) | more than 4 years ago | (#31751730)

Or the Chinese government is going after the Dalai Lama in a crudely obsessive way to make you think it's someone going after the Dalai Lama to implicate the Chinese government.

Re:Ooooh! The Dalai Lama! (1, Interesting)

sopssa (1498795) | more than 4 years ago | (#31751932)

Or someone is going after Dalai Lama in a crudely obsessive way to make you think it's Chinese doing it in a crudely obsessive way so you would think it's the Chinese who are trying to hide it by doing it in a crudely obsessive way.

Re:Ooooh! The Dalai Lama! (0)

Anonymous Coward | more than 4 years ago | (#31752852)

> Or someone is going after Dalai Lama in a crudely obsessive way to make you think it's Chinese doing it in a crudely obsessive way so you would think it's the Chinese who are trying to hide it by doing it in a crudely obsessive way.

Or the Dalai Lama hacked his own computer via proxy from China to drum up sympathy for himself.

Re:Ooooh! The Dalai Lama! (1)

biryokumaru (822262) | more than 4 years ago | (#31753148)

That Dalai Lama, he's such a whiner.

Re:Ooooh! The Dalai Lama! (1)

speaker4thedead (193887) | more than 4 years ago | (#31758074)

> Or someone is going after Dalai Lama in a crudely obsessive way to make you think it's Chinese doing it in a crudely obsessive way so you would think it's the Chinese who are trying to hide it by doing it in a crudely obsessive way.

You have a truly dizzying intellect.

Re:Ooooh! The Dalai Lama! (1)

Arancaytar (966377) | more than 4 years ago | (#31753556)

... to think they want you to think that is what they want you to think.

Re:Ooooh! The Dalai Lama! (1)

PolygamousRanchKid (1290638) | more than 4 years ago | (#31751778)

> . . . the theft of a nation . . .

. . . is the easy bit.

Fencing a nation is a bitch: http://en.wikipedia.org/wiki/Fence_(criminal) [wikipedia.org]

Re:Ooooh! The Dalai Lama! (0, Funny)

Anonymous Coward | more than 4 years ago | (#31751822)

Well considering it's public record that the Dalai Lama has been on the CIA payroll working to start a war between India and China during the 20th century I think it makes sense for China to keep an eye on him.

Re:Ooooh! The Dalai Lama! (0)

Anonymous Coward | more than 4 years ago | (#31751866)

Making things up is fun. My 4-year-old has a pretty crazy imagination.

Re:Ooooh! The Dalai Lama! (0)

Anonymous Coward | more than 4 years ago | (#31751942)

Knowing nothing about Asian history is apparently also fun, in an ignorance is bliss sort of way...

http://www.nytimes.com/1998/10/02/world/world-news-briefs-dalai-lama-group-says-it-got-money-from-cia.html?pagewanted=1

Re:Ooooh! The Dalai Lama! (0, Troll)

NeutronCowboy (896098) | more than 4 years ago | (#31752176)

And yet the article says nothing about the intention being to start a war between China and India. Making things up is indeed fun. As for the CIA supporting the Dalai Lama... heck, in this case I'm all for it.

Re:Ooooh! The Dalai Lama! (2, Informative)

sopssa (1498795) | more than 4 years ago | (#31752546)

> And yet the article says nothing about the intention being to start a war between China and India. Making things up is indeed fun. As for the CIA supporting the Dalai Lama... heck, in this case I'm all for it.

And it states:

> The money allocated for the resistance movement was spent on training volunteers and paying for guerrilla operations against the Chinese, the Tibetan government-in-exile said in a statement.

Just like with Osama bin Laden, Iraq and Middle-East. USA has a long history of supporting guerrilla and when it doesn't fit them anymore, they call them terrorists. I would imagine Dalai Lama and Tibet will be the next such thing.

Re:Ooooh! The Dalai Lama! (0)

Anonymous Coward | more than 4 years ago | (#31760154)

The CIA did support the Dalai Lama

http://www.amazon.com/Orphans-Cold-War-Struggle-Survival/dp/1891620185

Tibet is part of China (2, Informative)

wiredog (43288) | more than 4 years ago | (#31751864)

and always has been, and don't try to tell the Chinese differently.

Re:Tibet is part of China (3, Insightful)

deaddeng (63515) | more than 4 years ago | (#31757044)

As Americans, we should show our condemnation for China's illegal occupation of Tibet by returning California, Texas, and New Mexico to Mexico, and Hawaii to its indigenous people. I think we should keep the rest, which we either bought from the French or stole fair and square.

Re:Ooooh! The Dalai Lama! (1)

RockDoctor (15477) | more than 4 years ago | (#31757376)

> I continue to get a kick out of the Chinese government's fixation on the Dalai Lama. If the whole thing didn't involve the theft of a nation and the brutal repression of the Tibetan people, the situation would be hilarious in a Monthy Python sort of way.

s/Chinese/British/
s/Dalai Lama/Mahatma Gandhi/
s/Tibet/India/

Now do you see why the Chinese are worried?

BTW, there's one fewer 'h' in Monty Python than you think. Or one more 'l', depending on which joke you're trying to make.

The dangers of permissivity (0, Funny)

Anonymous Coward | more than 4 years ago | (#31751572)


Over the last ten years, as the laws got stricter in some countries, it's fairly easy to observe the shift of malicious cyberbehavior to others, not unlike pressing down on parts of a balloon and watching the rest expand. It's also interesting to note that the centers of gravity with regard to this type of activity, whether spam, malware, or apparently even spying, appear to coincide with areas that have a lowered regard of copyright and other intellectual property.


I suspect the strongest thing we can do for computer security is to create and approve a framework of laws that engender respect for intellectual property of all stripes, from corporate data, to music, movies, and video games. While many of us are leery of the DMCA, I think we can eventually all agree that a rising tide lifts all boats, and that empowering users to take control over how their information is shared is ultimately a good thing; especially if it creates an environment in which cybercrime can no longer flourish into our computers.

Re:The dangers of permissivity (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31751740)


how does cyberespionage have anything to do with DMCA and copyright violations you dumb fuck ? if anything, governments which are copyright immune engage in it. it has nothing to do with IP. DIE IN A FIRE.

Re:The dangers of permissivity (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31751798)

[You found your way here\\ I was not sure you would/could/should choose to do so]

-- I did not know if I could find the way, Ummon.

[You remember/invent/hold to your heart my name]

-- Not until I spoke it did I remember it.

[Your slow-time body is no more]

-- I have died twice since you sent me to my birth

[And have you learned/taken to your spirit/unlearned anything from this]

-- It is hard to die. Harder to live.

[KWATZ!]

Re:The dangers of permissivity (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31751876)

Woah, dog, your font looks totally boss! How did you do it? :)

Research 2.0 (4, Interesting)

Jazz-Masta (240659) | more than 4 years ago | (#31751574)

The team describes its findings in a report called Shadows in the Cloud: An investigation into Cyber Espionage 2.0

Even "researchers" have caught the marketing bug. "Cloud" "Cyber" "2.0"

Full report here:

http://www.scribd.com/doc/29435784/SHADOWS-IN-THE-CLOUD-Investigating-Cyber-Espionage-2-0

Major discovery (4, Funny)

Drunkulus (920976) | more than 4 years ago | (#31751668)

We also discovered a gigantic copyright infringement network, which is codenamed "scribd."

Let me refer all of you to this... (5, Informative)

GPLDAN (732269) | more than 4 years ago | (#31751702)

The best bit of journalism in the last year on this subject:

http://www.nytimes.com/2010/02/02/business/global/02hacker.html?emc=eta1 [nytimes.com]

Now - read the story of Maija the not-so-l33t hacker and pay special attention to how the story explains how the Chinese special intelligence services work. The whole thing is outsourced, loose affiliation. The blackwater-ization of hacking, where the government is most interested in a plausible denial.

Then tell me again how the Chinese intelligence services aren't funding and running Ghostnet.
The way I see it, these hackers probably get treated as well as Bobby Kotick treats his people. Do thy bidding and get hookers sent over for lunch, maybe two if you find a 0-day.

Re:Let me refer all of you to this... (3, Insightful)

osu-neko (2604) | more than 4 years ago | (#31752530)

> Then tell me again how the Chinese intelligence services aren't funding and running Ghostnet.

Now now, let's not be hasty, there's no evidence in this report of the involvement of the People's Republic of China. It could be anyone on the long list of organizations who happen to hate the Dalai Lama, Chinese dissidents, etc. ;)

Re:Let me refer all of you to this... (0)

Anonymous Coward | more than 4 years ago | (#31752952)

Yeah, I have been driving over the speed limit for years. Now tell me again how Mr. Obama, Bush and Clinton aren't funding me to drive over the speed limit.

Microsoft to Blame (0, Flamebait)

MyLongNickName (822545) | more than 4 years ago | (#31751716)

From Wikipedia: "Its command and control infrastructure is based mainly in the People's Republic of China and has infiltrated high-value political, economic and media locations[3] in 103 countries. Computer systems belonging to embassies, foreign ministries and other government offices, and the Dalai Lama's Tibetan exile centers in India, London and New York City were compromised. Although the activity is mostly based in China, there is no conclusive evidence that the Chinese government is involved in its operation.[4]"

Anyone want to take a bet on the percentage of compromised Windows systems versus Linux systems versus Macs?

Now you are part of the GhostNet (0)

Anonymous Coward | more than 4 years ago | (#31751796)

Because you downloaded the linked pdf and got pwnz0r3dz0mg!!1!!!!1

Blah blah blah Western hypocrisy (-1, Troll)

superyanthrax (835242) | more than 4 years ago | (#31751812)

So you're telling me that the US doesn't spy on Russia and China, and that they don't execute cyberattacks against Al-Qaeda or the Taliban? Western hypocrisy on display right here for the umpteenth time.

Re:Blah blah blah Western hypocrisy (1)

Jeng (926980) | more than 4 years ago | (#31752492)

Of course every country out there spies, but most don't try to take over innocent civilians' computers in a bid to do so.

It is mentioned on Slashdot not because of the action, but the method.

Well if the US or Russia does take over civilians' computers, they are at least better at hiding it than the Chinese.

That is one thing about the Chinese government, they don't tend to be subtle.

Re:Blah blah blah Western hypocrisy (1)

Jeremy Erwin (2054) | more than 4 years ago | (#31753400)

> That is one thing about the Chinese government, they don't tend to be subtle.

Not necessarily [wikipedia.org] Perhaps you're transposing the awkward and unsubtle dialect of Chinglish [wikipedia.org] to other aspects of Chinese culture.

Re:Blah blah blah Western hypocrisy (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31753876)

Shut the fuck up dickwad, our targets are fucking terrorist a-holes and the last time I checked the Dalai Lama is as fucking harmless as they come. Now go back to your workers' paradise you fucking tool

and there is never a case of US involvement? (2, Interesting)

kubitus (927806) | more than 4 years ago | (#31751834)

Echelon is too costly.

so build into all US produced ( or at least with US label ) network devices a small Trojan Boot Loader hidden with dirty programming.

and activate these TBL's with instructions hidden in search engine answers - according to the serial No of who bought which.

And you end up with a fifth colon paid by the very IT user.

( A French Diplomat made a slip of tongue when asked if they did not fear Argentine to use Exocet missiles against themselves: we can switch it off - analogue a US Diplomat may slip of tongue: we can switch it ON )

Re:and there is never a case of US involvement? (4, Insightful)

russotto (537200) | more than 4 years ago | (#31752000)

> so build into all US produced ( or at least with US label ) network devices a small Trojan Boot Loader hidden with dirty programming.

It's plausible, but it's a works-once kind of thing. As soon as you make any major use of it, it's going to be found out, and everyone else is going to go looking for it. So you have to save it for when it's really valuable, but doing that means you risk it being found anyway and never using it.

It['s

> And you end up with a fifth colon paid by the very IT user.

What happened to colons two through four?

Re:and there is never a case of US involvement? (1)

kubitus (927806) | more than 4 years ago | (#31753212)

a prominent US-based IT security company estimated the effort to detect a TBL at 5 to 6 man-years plus a constructed event rousing the interest so that the TBL would be woken up from dormancy to be detected during the activation phase.

to find TBL instructions and reporting home inside search engine requests was considered as fairly difficult.

Re:and there is never a case of US involvement? (1)

Arthur Grumbine (1086397) | more than 4 years ago | (#31752008)

> And you end up with a fifth colon...

:-)
:-P
:-0
:-D

>:-( <-----The Fifth Colon. Fear his anger.

Re:and there is never a case of US involvement? (1)

mooingyak (720677) | more than 4 years ago | (#31753140)

The Fifth Colon was a great movie.

Re:and there is never a case of US involvement? (1)

lennier (44736) | more than 4 years ago | (#31756836)

> And you end up with a fifth colon paid by the very IT user.

Is that sort of like tearing someone a new one, only four times worse?

I think (1)

daoshi (913930) | more than 4 years ago | (#31751996)

I think you just discovered a big botnet. Countless machines are being used as camouflage to blur out the real man behind the operations.

Probably, it's just a free game with an open door. Anyone who figured out this botnet's protocol would be able to use it for free.

mirror? (0)

Anonymous Coward | more than 4 years ago | (#31752308)

Where is the non-Scribbed PDF?

Re:mirror? (0)

Anonymous Coward | more than 4 years ago | (#31757016)

h++p://www.nartv.org/mirror/shadows-in-the-cloud.pdf

+ = t

Not connected to the government (1)

dave562 (969951) | more than 4 years ago | (#31752476)

Does anyone really believe that the Chinese (or any other government) would be stupid enough to do this from their own servers? One of the key tenets of espionage is to cover your tracks. The closest something like this will ever get to the Chinese government is if the CIA or some other intelligence service happens to catch someone handing off a USB drive filled with whatever digital loot was acquired from the botnet. The government itself does not need to directly sponsor this sort of activity. It would be political suicide to do so. It is much too easy to obfuscate the process by farming it out.

Re:Not connected to the government (1)

Jeng (926980) | more than 4 years ago | (#31752910)

The Chinese may be rationalizing their distance in a way that may not make sense to us, it only has to make sense to them to do it.

Isn't it ironic? (1, Troll)

ka9dgx (72702) | more than 4 years ago | (#31752598)

I find it quite ironic that they publish their report as a PDF, one of the biggest sources of vulnerabilities known to man. Why not something a bit more open and standard, like HTML?

Troll? (1)

ka9dgx (72702) | more than 4 years ago | (#31802902)

How was that a troll? PDFs suck, we all hate having to deal with them.... yet they offer no other way to view the report.

Who's doing it is simple (-1)

Anonymous Coward | more than 4 years ago | (#31753374)

SPECTRE. Fits their profile.

Why not China? (1)

MaWeiTao (908546) | more than 4 years ago | (#31754216)

Why couldn't this be China? Perhaps they don't have the resources of the US or Europe to find more discreet methods of espionage. Perhaps they just don't care who knows. Clearly it doesn't matter all that much if the evidence points to them because so many people are reluctant to accuse China anyway.

I'd say the ones doing the work are probably sloppy. Skilled, but not thorough enough to cover their tracks. And the higher ups are probably feeling rather cocky and couldn't care less since on the international stage they seem to be getting their way anyway.

the nerve (0, Troll)

Anonymous Coward | more than 4 years ago | (#31754554)

The Indian government called, they want their curry recipe back.
