http://it.slashdot.org/it/09/03/28/190251.shtml (http://it.slashdot.org/it/09/03/28/190251.shtml)


"Researchers in Toronto have discovered a huge international electronic spying operation (http://www.nytimes.com/2009/03/29/technology/29spy.html?_r=1&hp) that they are calling 'GhostNet.' So far it has infiltrated government and corporate offices in 103 countries, including the office of the Dalai Lama (who originally went to the researchers for help analyzing a suspected infiltration). The operation appears to be based in China, and the information gained has been used to interfere with the actions of the Dalai Lama and to thwart individuals seeking to help Tibetan exiles. The researchers found no evidence of infiltration of US government computers, although machines at the Indian embassy were compromised. Here is the researchers' summary (http://www.infowar-monitor.net/modules.php?op=modload&name=News&file=article&sid=2176&mode=thread&order=0&thold=0); a full report, 'Tracking "GhostNet": Investigating a Cyber Espionage Network' will be issued this weekend." A separate academic group in the UK that helped with the research is issuing its own report, expected to be available on March 29. Here is the abstract (http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.html). They seem to be putting more stress on the "social malware" nature of the attack and ways to mitigate such techniques.


Interesting stuff. For some reason when I see GhostNet, I think SkyNet.

Think Chi-net :)

A topic close to my heart, since I live and work in Beijing at our embassy there. The general assumption for most of us is that we live in a fish bowl and that everything is compromised at any given time, so nothing new. All you can do is try to mitigate, especially with your home computer. Turn everything off when its not in use. Unplug web cams, microphones and speakers when not needed. Turn off the power at the power supply, power strip or unplug your system when not in use. Don't leave broadband turned on if not in use or not needed etc: EI playing a standalone game or typing something up in Word. Oh and don't do anything that granny would not approve of while at your computer.

Common sense pure analog stuff that is very much in the user's realm of control even when your computer has been breached. People who use these "GhostNet" type of cyber-spying rings have an easy time if you are the type that leaves your computer running all the time with everything enabled, powered up and never shuts off the internet connection. Shutting down and reducing online time doesn't keep them out but it reduces the impact. Big Brother (Be the Big Brother of China, Israel, The UK, or the USA) is always watching and its something you just have to deal with.

Lummus...shouldn't you be off declaring a war with your new found powers on some undeserving foreign country?

Lummus...shouldn't you be off declaring a war with your new found powers on some undeserving foreign country?

Right. Only I will disguise my aggression in a shroud of righteousness, such as:

"If you turn off your computer and Internet when its not in use, you can save money on your electricity bills and lower your carbon foot print".

How many Carbon Offsets do I have to buy?

Applying all that paranoia to the attack vectors is more productive (and safer) than being paranoid anytime your computer is on and/or connected.

Of course, no matter what country you're in, assume everything you send or receive on the Internet is logged, analyzed, and often sold to advertisers. Even when governments aren't involved, this is true.

I don't consider it paranoid at all, considering I live and work IN China, work for the US gov't and at the embassy to boot. I don't use my computer any less here. I just choose to not leave it turned on all the time. AT work, as in the building called the Embassy, yes there probably is more effort put into trying to find where these so called attack vectors come from, but you know what? If the Chinese are confronted by allegations that they are snooping, what do you honestly think they are going to say?

They will deny it and perhaps tell us its the work of some 12 year old kid. They of course will look into it. Also, they would probably tell us to look domestically, since the connection is through satellite back to the States anyway.

Now in our homes, thats different. We all use Chinese ADSL service and there is no one keeping tabs on potential cyber attacks on our personal computers since the mice guard the cheese here. Thats why its best to just assume they are snooping all the time, but they can't snoop if things are turned off when not in use. Its the same concept as closing and locking your door when you arn't at home and turning off the lights. Its just mitigation, the same as telling your kids not to post personal information online or anything of that nature. This is not a case of OMG break out the tinfoil hats. Yes, everything is monitored in the States too by corporate interests looking to peg you into a niche market but there they just want to sell you something. Here in China, they try to blackmail you in order to discredit the gov't.