April 1, 2009
Ghostnet: China’s massive spynet uncovered
The Biggest Brother. While the UK is well on its way to being a security-surveillance police-state, and America’s plans are apparently “on hold” for now, it would seem hard to imagine another nation attempting to lay claim to the “Big Brother” title. But China has been doing just that, according to a recently released report from researchers at the University of Toronto. A ten-month investigation has turned up some 1300 infected systems worldwide, including high-value government computers like those of the exiled Tibetan government and the Dali Lama. A full report can be downloaded from here.
Vulnerability detected between keyboard and chair. The way the infection was spread sounds typical: e-mails were sent with a trojan attached, the user unwittingly opens the attachment and infects his system, and the infected system uploads sensitive files to China and spreads even more e-mails where the user unwittingly opens the attachment…
What happens after the initial infection:
“The GhostNet system directs infected computers to download a Trojan (horse) known as ghOst RAT that allows attackers to gain complete, real-time control,” the authors write in Tracking GhostNet: Investigating a Cyber Espionage Network.
“Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras.”
Other Ghosts on The Net? While the Ghostnet is concentrated more on Asia, there’s a possibility that American systems have also been infected, though no reports about such infections have surfaced… yet.
Americans being spied on by foreign nations may not be new, but The Student Operated Press raises concerns about the US cybersecurity scheme, and even worse, that a post-9/11 paranoia-infected Department of Homeland (in)Security has its own Ghostnet:
Robert Paul Reyes (S.O.P.):
I hope that the CIA is taking serious precautions to safeguard our military and intelligence computer systems. I`m confident that they are running their own GhostNet operations to keep track of our many enemies throughout the world.
But what I fear the most is that the Department of Homeland Security has a GhostNet operation to keep track of Americans. Under the guise of fighting terrorism the Bush administration wiretapped the phones of Americans without obtaining a warrant from the courts.
What Ghostnet is about may be scary, but it’s small fries compared the what Conficker may have to offer…