'GhostNet' invasion requires global response

March 31, 10:15 AMPolitical Issues ExaminerJudah Freed

Previous Next

2 comments Print Email RSS Subscribe

Subscribe

Get alerts when there is a new article from the Political Issues Examiner. Read Examiner.com's terms of use.

Email Address   Include other special offers from Examiner.com Terms of Use

Reports surfaced over the weekend of an international breach of supposedly secure computer systems, allegedly perpetrated by officials in the People's Republic of China, apparently focused on the Dalai Lama and Taiwan but extending to government and private computers in 103 countries.

Dubbed "GhostNet,"  a malware network that's been controlling computers remotely, the surveillance system hacked into computers remotely for tracking keystrokes along with switching on computer cameras and microphones to spy on activities in the rooms where computers were located. GhostNet apparently exploited email spread itself like a smart virus to targeted computers.

Hints of the malware (malicious software) was first detected by the IT staff of the Tibetan Government in Exile (TGIE), led by the Dalai Lama, now based at Dharamsala in northern India. TGIE sought help from the Information Warfare Monitor (IMW), a joint venture of Toronto University’s Citizen Lab at the Munke Centre for International Studies and the Canadian think-tank SecDev.

Their nine-month investigation revealed that GhostNet allegedly invaded 1,295 computers used by the Dalai Lama and other Tibetan exiles as well as computers used by NATO officials, diverse foreign ministries and embassies, plus banks and news organizations across the world.

IWM detected hacked computers in Bangladesh, Barbados, Bhutan, Brunei, Cyprus, Germany, India, Indonesia, Iran, Latvia,  Malta, Pakistan the Philippines, Portugal, Romania, South Korea, Taiwan, Thailand,  the United States, and elsewhere.

IWM said on March 28 that hackers in China appeared to be the main source of Ghostnet, but the exact identify of the hackers has not yet been determined.

Representatives of the PRC in London and elsewhere around the world have refuted the allegations as "propaganda." In statecraft, that's called a "non-denial denial." If I call you a thief, and you reply that the charge is a rumor, you are not denying the rumor is true.

Certain proof, however, would require clear-and irrefutable evidence of a Chinese government official either giving instructions or approval to the GhostNet operators. I heard a report on National Public Radio that IMW reversed the malware and spied on the spies in China, but I've neither heard nor seen any reports about solid proof that the Chinese government is the culprit.

Personally, I'd be astounded if top officials within the People's Republic of China were not aware of the GhostNet project, at least, even if they did not formally authorize the spying campaign. Logically, if you ask yourself who had the most gain from the fruits of the operation, the most reasonable answer is the government of the PRC. 

The problem, as I've pointed out before in this column, is that the Chinese government has effectively insulated itself from sanctions by the United States and other major powers by lending billions in dollars and other currencies to the U.S. and other nations. Notice the relative silence the Obama administration of the GhostNet issue. Obama cannot afford to bite the hand that feed him.

Further, without solid proof, irrefutable proof that would pass muster in any honest courtroom, no government on the planet has any legal grounds to impose sanctions on the Chinese government.

Therefore, in lieu of such solid proof, I propose a global technological fix to prevent kind of malware invasion this from happening again. If every major nation participates in this technical fix, the Chinese government (or any other future government that launches a cyber attack), will be unable to retaliate effectively against a coordinated global defense.

If the technical solutions I recommend (please see my Media Industry column today) are implemented globally, even if incrementally, the entire world will be a safer place.

Here are four of the better reports about GhostNet on the Web this morning:
Chinese hackers ‘using ghost network to control embassy computers’ (The Times of London)
China dismisses Internet spy claims as rumour (Welt Online)
Meet the Canadians who busted GhostNet (Globe & Mail)
Ghost in the Machine: A report from the Front Line in the Cyberwar (China Matters)
 

A REQUEST: Please keep your comments relevant to the topic of the posting above.
And please practice civility in your interactions with others here. Thanks.