REALTIME IT NEWS
REALTIME IT NEWS
Newsletters Select newsletters below and click the button to sign up!
Internetnews BloggersRecent Entries
Archives
Monthly ArchivesSearch The Blog
« JBoss CTO leaving Red Hat |
Sean Michael Kerner Blog
| Red Hat Fedora reveals details on intrusion attack »
GhostNet cyber-spy network busted by Canadians
From the 'Is China spying on you?' files:
A massive global spying network, dubbed GhostNet, was uncovered this weekend by researchers at my alma mater ,The University of Toronto. The network was allegedly run by the government of China, and was discovered first by an examination of the Tibetan Dalai Lama's website by the researchers, but is much more widespread than any one site. "The investigation ultimately uncovered a network of over 1,295 infected hosts in 103 countries," the report states. "Up to 30 percent of the infected hosts are considered high-value targets and include computers located at the ministries of foreign affairs, embassies, international organizations, news media and NGOs. "Allegedly the GhostNet -- which in my view is just another name for a botnet -- infected the hosts by way of a trojan that was delivered by way of a document attachment. There are a few really interesting aspects to this story. First is the fact that there is a global co-ordinated effort by 'someone' (maybe China but we don't know for sure) to infilitrate global political organizations. Then there is the fact that this GhostNet was discovered accidentally almost by way of an examination of the Dalai Lama's website (who had requested that the UofT researcher examine his site as his was suspicious of certain activities). It is unclear at this point how long this spying activity has been going on, and it is also unclear if any of the affected parties knew about these issues prior to being informed by the security researchers. From a security point of view, the GhostNet is particularly disturbing because it should be preventable. You would think that with proper network access controls in place, anti-virus software and firewalls, that trojan sshouldn't be able to infect PCs. We don't know the security posture of all the infected PCs, but if they weren't all properly secured that's pretty scary. If they were secured and they still got infected, that's even scarier. What is for sure is that botnets and trojans are no longer just the domain of criminals. Trojans are now also a cyber-weapon that can be used by governments (or their agents) for spying operations. 0 TrackBacksListed below are links to blogs that reference this entry: GhostNet cyber-spy network busted by Canadians. TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/7765 2 CommentsLeave a comment |
||||||||||||||||||||||||||||||||||||||||||||
Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs 
|
Iron Speed Designer Application Generator |
MORE DOWNLOADS, EKITS, AND FREE TRIALS |
Digg
Del.icio.us
furl
StumbleUpon
BlinkList
Newsvine
Magnolia
Facebook
Tailrank
Slashdot
Technorati
Google
Bookmarks
Yahoo
Favorites
Windows
Live
Ask
"From a security point of view, the GhostNet is particularly disturbing because it should be preventable. You would think that with proper network access controls in place, anti-virus software and firewalls, that trojan sshouldn't be able to infect PCs."
Interesting point. But don't you think that any decent "cyber-spy" would be able to break through anti-virus technologies?
I wrote a blog on the same topic. Check it out
http://www.smudailymustang.com/?p=10476
Does anyone know where this chinese spy networks "home base" is?