Real-life spy thriller in cyberspace

April 1, 2009

– Eric Auchard is a Reuters columnist. The opinions expressed are his own –

Once in a while a good computer security scare comes along that has all the makings of a taut Cold War spy thriller and the latest news of a global computer espionage ring is one such story.

A new report entitled “Tracking GhostNet: Investigating a Cyber Espionage Network,” argues that poorly defended computers used by government and private organizations in 103 nations may have been violated. The study has attracted widespread media attention after a New York Times story about it at the weekend.

The study by a group of activist researchers based in Toronto called “Information Warfare Monitor” says computers in various foreign ministries, embassies and Taiwanese trade groups have been pilfered by computers located at a Chinese government intelligence center on the island of Hainan. A computer in the private offices of the Dalai Lama was infected and e-mail lists and negotiating documents were stolen using a virus that “phoned home” to its controller, it alleges.

Data retrieved in the attacks appears to have been used to rein in Tibetan critics of China. But the report has trouble pinning the theft of computer secrets back to the Chinese government. It is also unclear how much information of value was gathered, outside a handful of instances. It conflates evidence of sniffing with acts of actual snooping.

A spokesman for China’s Foreign Ministry has dismissed the report’s claims as rumor and said his government was committed to protecting Internet security. “There’s a ghost abroad called the Cold War and a virus called the China threat,” ministry spokesman Qin Gang told a news conference.

In fairness, the researchers acknowledge up front that their findings raise more questions than answers and that it is “not clear whether the attacker(s) really knew what they had penetrated, or if the information was ever exploited for commercial or intelligence value.” The report says that proving who is responsible for cyber attacks remains a major challenge — what experts refer to as the “attribution problem.”

The report was conducted at the request of the office of the Dalai Lama and Tibetan exile organizations, who have long accused the Chinese government of using cyber war to disrupt their activities. It describes the sophisticated techniques used to infiltrate the computers of the offices of the Tibetan government-in-exile. But the connections it draws to a wider global spy ring are sketchy. Some of the break-ins may be explained by shoddy computer maintenance.

In cyberliterature, the bad guys, typically unknown, break into vital government, military, banking or political organizations and cause immeasurable damage or steal uncounted billions of dollars. Throw in contemporary geopolitical rivalries and references to the latest techno-jargon and the formula is more or less complete.

To be sure, international computer security experts have seen the hand of Chinese hackers in a growing number of computer intrusions around the world in recent years. The global scale combined with the sophisticated targeting of specific computers by GhostNet make most efforts at wiretapping government opponents scrawny by comparison.

But China is not alone among major world governments in viewing cyber warfare as a tenet of national security. To an unknown degree, for example, the United States, Israel and Britain snoop not just on their enemies but also their critics.

The problem with much of the writing about computer security is that it conflates basic issues of computer hygiene with diabolical threats to society or the economy. In the virtual world, teenage vandalism of web sites blurs into acts of terror. Police and government officials don’t help by painting the Internet’s inherent tension between openness and security as a danger to public safety.

11 comments


Electronic warfare is the politics of the future.
I wish somebody would explain to me why our leaders aren’t opening the doors to our colleges to find and train the best America has to offer in the hacking community. Geeks are the warriors of the future.
20K a year for college!
We should throw open the doors to anyone with the desire and skill to learn as an integral part of the stimulus plan.


Posted by oops

Scare tactics have been used to control the masses since long before the internet. Now, however, they are used to control economics. Specifically to control sentiment (anti Windows) and to generate revenue (malicious worm set to take over billions of computers). IMO it is garbage. If people took as much time to perform regular maintenance on their PCs (as they do their appearance or their vehicles), the threat would be minuscule. There is no doubt that China has been engaged in this type of activity, but I would be more than surprised if ALL of the major governments don’t do the same thing to one degree or another. You don’t think that the cyber-terrorists caught here in the US that are NOT prosecuted do not do the same thing under the guise of prevention. Espionage is espionage, and has been going on since the cold war, we just don’t run around with micro-cameras in our tie clips anymore.

Posted by Mark in Las Vegas

You need to read “The Art of War” by Sun Tzu to understand the Chinese. It teaches the high importance of espionage. It teaches how to crush your opponent without going to war.

In Viet Nam we were beaten by the book. Now all of our military must read this book. But now all our politicians need to read it as well.

I doubt that there are many secrets. This sort of thing has been going on for so long. You used to be able to use a web browser to read all the US defence research right down to who where and what along with forward estimates, although I haven’t checked lately.

I’d go so far as to say there are almost no secrets. There are vast numbers of hackers constantly attacking computers everywhere, we get hundreds of Eastern bloc and Chinese hackers competing with plenty of others (sometimes pretending to be them) attacking our systems daily with both manual and automated attacks. As for the average user securing their PC, give me a break, you have to be kidding.

It still makes perfect sense to recruit the young bright ones to do likewise, but as for preventing the opposition from stealing your secrets, well it may just be too late. Better to work on making some new secrets and securing those.

“Geeks are the warriors of the future…”
What an horrific vision!
Does that mean as part of a cyber-military structure unfathomable to ordinary people, barricaded behind randomly invented jargon, with absolutely no common sense application to the time honoured standards of human interaction?
Ever tried mucking about with ‘Windows’, installing a geek made game mod, or wondered why some programme’s installation instructions or icons bear no relationship to their usable function?
Because the Geeks that made them are by definition incapable of normal communication with average human means. They think like their programmes are designed- in a linear fashion whilst the world outside goes on in its own separate glorious multi faceted intuitive complexity.
Keep the geeks indoors and away from anything important PLEASE!!
Or at least set them up against our own governments who as usual provide the biggest threat to their citizens, rather than some incestuous pretend or ineffectual conspiracy of ‘foreign’ hackers.

Posted by Rhoopsis

It’s no different than any other type of warfare. Getting to know your enemies is rule #1. If something can be used as a weapon, it will be.
What’s really disturbing about that news, is that it went on for so long. It takes time to hack a system. Why wasn’t it detected sooner? Not enough glory in it? I think it’s time Homemade Security got to work on some real problems instead of making a big show out of harassing citizens.

Posted by Don Brooks

No Govt doesn’t want to develop a community of home-bred hackers. 1337 are a little harder to control than govt workers (who in any country are less able) And you wouldn’t want to give that power to a small group of highly motivated non-conformist and non-materialist engineers.

Politicians and Capitalists should be thankful that logic underpins our creations, and that our products demand integrity on every level. Let’s hear that from the mouth of a politician or a CEO.

If the technically expert unionized, we would be the most powerful and moneyed professional body on earth. Then, according to those that use us for their profit and success, we would be terrorists and criminals. Rich ones – Just like them. The rich and powerful only like free market competition when it benefits them. Look around. RTFM.

Posted by GSD

The U.S. already only recruits people for cyber warfare training. The Army’s school is in Texas and the Navy’s is at the graduate school at Ft. Ord. That’s not a secret by the way; there are more than a few instructors at SANS that have that in their bio and talk about the experience.

Too much of what goes on with this stuff has nothing to do with the actual existential risk, and a great deal to do with getting funding to continue idiotic activities at HomelandSec and any number of other government agencies. I fear ‘experts’ pushing product and services as a response to the ‘threat’ more than the actual attackers.

Posted by Xenophon

cyber-warfare is a poor choice of terms not appropriate to modern networked economies.

These efforts by potentially hostile intelligence networks which includes those with friendly diplomatic relations probe critical infrastructure, analyze weakness and seize advantage through compromise of commercial and defense Intellectual Property and Communications to undermine commercial and defense systems, strategies and long-range development.

In this Commercial Espionage Networks have loyalty to only the Buck and serving their patron special interests and not those of the average American.

As we attempt to secure our borders, our easiest border to protect is our Electronic Border (“The one in your pocket or in front of you now”). The problem is that our Domestic Information Based Companies seek more Globally Open Access.

To implement GREATER domestic ENCRYPTION SECURITY against Hostile Intelligence Networks and services might undermine the efforts of our domestic companies to advantage our open system in destruction of their smaller competitors. There is nothing easier than stealing a product idea and distribution to a Chinese company for manufacture. Happens every MINUTE.

The first thing the Chinese are short on is IDEAS and there is no better way to advance their economy than pilfering American Ingenuity but to stop them and other (friendly’s) we must first stop our own domestic Networked IP Criminals and the biggest is a PUBLIC COMPANY and their VC Partner.

In this regard, it appears non-coincidental that the FCC is now looking at our National Wireless, regulation in the commercial field is the first step in our enhanced national security which should be strongly biased to Property Security as opposed to Socialist and Communist countries, now fully penetrating our systems borders.

Communist infiltration (a scare in the 50s) is the reality of this generation and our lax behavior toward unreasonable domestic corporations looking to do business with our (friends), has compromised our long-range National Interests for a market-favorable quarterly report.

This is FACT.

China and our friends should BACK OFF or we should throw them out forcefully through deportations and sweeps of our domestic companies Foreign Labor Pool.

There is a line that can not be crossed, we need to teach Foreign Intel Networks and our domestic companies more forcefully where that line is. It is time that the internet-cloud be cleared and HARD BORDER be established.

Easy enough…

It is not cyber-warfare it is a constitutional compromise of our guaranty of democratic/capitalist government.

This is our country and we will defend it.

Stand on the Border.

Cyberspace, cyberwar, “cyberliterature”… Can we get over the neologisms please? Of course important networked systems are a theatre for conflict – just like any infrastructure is (or cyberstructure as you, no doubt, prefer). Generals will keep their strategies, and journalists will keep spouting the technobabble.

“Ah, what an age we live in…” seriously, is that the only point of this article?

Posted by Marc

But who is gonna program all the new Grand Theft Auto games if we deport everyone?

Maybe there is no such thing as a computer, you know?