Tuesday, March 31, 2009

Huge China-based computer ring broke into computers worldwide

For the past several years, there has been an active discussion among researchers about the impact that a sustained attack on the computer infrastructure of developed countries could achieve. With modern infrastructure such as electricity, water, transport, finance, etc., all being controlled through computational technologies, there is a persistent fear that all of this infrastructure is under threat from any clever band of cyber attackers. Modern military games incorporate threats by hackers who are affiliated with sovereign countries, and in many cases it is claimed that developing the ability to bring down the computer networks of other countries is part of the game plan for offensive action. In the past, it has been feared that countries such as China and Russia have developed capabilities for offensive cyber-warfare.
Consider this case: a team of Canadian researchers turned up a huge network made up of computers located in China, which they dubbed 'GhostNet'. These computers were the initiators of hacking attempts that broke into computers all over the world. The probe arose from a need by the Dalai Lama's office in India to ensure that its own computers were not infected (link to article):


In "Tracking GhostNet: Investigating a Cyber Espionage Network," issued over the weekend, the Canadian researchers say that the GhostNet comprises 1,295 infected computers in 103 countries, almost one third of them being "high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs."
The breaches tended to stem from a so-called social-engineering exploit, in which targets in the Tibetan community were sent an e-mail that appeared to be from the address campaigns@freetibet.org and that carried an attached Word document titled "Translation of Freedom Movement ID Book for Tibetans in Exile"--and that Word document was infected with the malicious code. The University of Cambridge report, "The snooping dragon: social-malware surveillance of the Tibetan movement," doesn't refrain from charging that the Chinese government was directing malware attacks: "(I)t was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed."


These incidents are also warnings to governments that their infrastructure systems are only as strong as their weakest links. One hacked node in a system can lead to other nodes falling as well, putting the entire system at risk of compromise. In this case, it was also found that the exploit had the power to turn on the voice recording and camera systems of the infected computer, allowing the attackers to spy on whatever was happening in front of the computer.
