Canadian research uncovers cyber espionage network
Malware-spreading computers based mainly in China
Last Updated: Sunday, March 29, 2009 | 10:03 AM ET
CBC News
Canadian researchers have uncovered an internet spy network, based almost exclusively in China, that has hacked into computers owned by governments and private organizations in 103 countries.
The findings follow a 10-month investigation by researchers from the Ottawa-based think tank SecDev Group and the Munk Centre for International Studies at the University of Toronto.
The group was initially asked to look into allegations that the Chinese were hacking into computers set up by the Tibetan exile community, but their work eventually led them to a much wider network of compromised computers.
Once the hackers infiltrated the systems, they installed malware — software that sends and receives data. By doing this, they were able to gain control of the electronic mail server computers of the Dalai Lama’s organization, the group said.
The researchers said the spy network, dubbed GhostNet, infiltrated at least 1,295 computers, many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centres in India, Brussels, London and New York.
"Significantly, close to 30 per cent of the infected computers can be considered high-value and include the ministries of foreign affairs in Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan," the researchers said.
Other compromised computers were discovered at embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
The list continues with the network infiltrating economic organizations in Southeast Asia, news organizations, and an unclassified computer located at NATO headquarters. Although almost all the hackers were based in China, the researchers could not say if they are working for the government.
A spokesman for the Chinese consulate in New York dismissed the idea that China was involved.
The spokesman, Wenqi Gao, told the New York Times these are "old stories" and "nonsense."