
Chinese hackers stole information from a variety of parties. Although the attacks related to rivals or enemies of the government, the Chinese government claims not to have been involved and says it's investigating the incident.  (Source: LIFE)

The attacks originated from the southern Chinese city of Chengdu.  (Source: CJ Report)
Report authors say Chinese government is cooperating to investigate the situation

Cybersecurity researchers at the University of Toronto's Munk School of Global Affairs claim to have discovered a massive campaign of cyberespionage carried out by members of China's underground hacking rings.  The campaign zeroed in on high-profile targets in India, including Tibetan exiles and the Indian Defense Ministry.

The attackers used attacks on social networking, blogging, and email services, such as Twitter, Google Groups, and Yahoo Mail, to gain access to individual computers, forcing them to communicate with attack servers in China.  The authors of the study "Shadows in the Clouds" say that the underworld cybercriminals likely stole information to try to make a profit and may have passed information on to the Chinese government.

The information stolen from the Indian military includes secret assessments of the security situation in northeastern states bordering Tibet, Bangladesh and Myanmar, as well as insurgencies by Maoists.

On the surface, the Chinese government has pledged a thorough investigation in response to the incident.  Nart Villeneuve of the University of Toronto says, "We did not find any hard evidence that links these attacks to the Chinese government.  We've actually had very healthy co-operation with the Chinese computer emergency response team, who are actively working to understand what we've uncovered and have indicated they will work to deal with this ... It's been a very encouraging development."

A Chinese foreign ministry spokesperson stated, "[Chinese] policy is very clear. We resolutely oppose all internet crime, including hacking."

It seems more than mere coincidence, though, that the attacks targeted Tibet's government in exile and the Dalai Lama, whom China views as enemies.  Last year the Tibetans were hit by a much larger attack, which the University of Toronto researchers dubbed "GhostNet".  The Munk School's Ron Deibert says, "The social media clouds of cyberspace we rely upon today have a dark, hidden core. There is a vast subterranean ecosystem to cyberspace within which criminal and espionage networks thrive."

University of Toronto researchers say that most antivirus programs are currently ineffective in preventing attacks on social networks or email services, which were a major source of these compromises.  The researchers suggest stripping attachments from all external email and instead transferring files over a secure channel like SFTP.
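
The attachment-stripping recommendation above, sketched as an added example (it is not code from the article or from the researchers' report). It assumes the mail gateway has already classed the message as external; the function names, the `BODY_TYPES` allowlist and the sample addresses are hypothetical.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

BODY_TYPES = {"text/plain", "text/html"}  # assumption: only these count as body

def _strip(part, removed):
    """Return True if `part` is kept; record dropped parts in `removed`."""
    if part.get_content_maintype() == "multipart" and part.is_multipart():
        # Keep the container, filter its children recursively.
        part.set_payload([p for p in part.get_payload() if _strip(p, removed)])
        return True
    # Allowlist, not blocklist: a part carrying a filename is dropped even when
    # it is labelled "inline", so Content-Disposition alone does not decide.
    is_body = (part.get_content_type() in BODY_TYPES
               and part.get_filename() is None
               and not part.is_attachment())
    if not is_body:
        removed.append(part.get_filename() or part.get_content_type())
    return is_body

def strip_attachments(raw: bytes):
    """Strip non-body parts from a message already classed as external.
    Returns (cleaned message, names of the removed parts)."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = []
    if not _strip(msg, removed):
        # The whole message was one non-body part: replace it with a notice.
        msg.clear_content()
        msg.set_content("[attachment removed by mail gateway]")
    return msg, removed

def build_sample() -> bytes:
    """Constructed sample: text body, a PDF attachment, an 'inline' file."""
    m = EmailMessage()
    m["From"] = "sender@external.example"
    m["To"] = "staff@internal.example"
    m["Subject"] = "Meeting notes"
    m.set_content("See attached.")
    m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                     subtype="pdf", filename="notes.pdf")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename="slides.pps",
                     disposition="inline")
    return m.as_bytes()

if __name__ == "__main__":
    cleaned, dropped = strip_attachments(build_sample())
    print("removed:", dropped)
```

Whether a message is external should come from the receiving connection or an authenticated relay, not from the spoofable From header.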

The recent attacks affect the U.S. too as the attackers stole private data from visa-seekers to the Indian embassy in Afghanistan and the Indian and Pakistani embassies in the United States.

According to researchers, the IP addresses used in part of the attacks were traced to Chongqing, a large city in southwest China, while addresses in the nearby city of Chengdu were used to control Yahoo Mail accounts used in the attacks.  Graduates of the University of Electronic Science and Technology of China reportedly owned some of the servers used in the attacks and may have masterminded the entire scheme.

China has been rather friendly to India of late, trying to leverage the issue of global warming to align the south Asian nation against the U.S.  India and China are the world's most populous countries, each with over a billion people.  They also are fast becoming world superpowers in research and industry.  With that growth have come clashes, both with each other and with the world's current economic leader, the United States.

China and India's relationship has been damaged by the Chinese occupation of Tibet, a small province that borders India.  India and the U.S. have also taken issue with China's censorship policies and with the fact that China does little to stop hackers from attacking foreigners, and in some cases its own citizens.  As many of these attacks target political or economic rivals of the government, there seems to be government involvement in some cases, even if there's no evidence to explicitly prove that the government is supporting the cyberintrusions.

Comments

Not quite
By TerranMagistrate on 4/7/2010 1:39:14 PM , Rating: 2
India and China are the world's most populous countries, each with over a billion people. They also are fast becoming world superpowers in research and industry.

Hmmm, not quite all that quickly. Reverse engineering and IP theft make this often recurring claim little more than hyperbole. In reality, western countries and Japan will continue to be the primary sources of genuine research, invention and innovation.

RE: Not quite
By gcor on 4/7/2010 11:00:15 PM , Rating: 2
I'm afraid I couldn't disagree with you more.

Having worked in large corporate R&D for 20 years, I can tell you that the majority of R&D work has already moved to India and China due to well educated and cheap engineers. For example, that great US company, G.E., now has 12,000 engineers in India, doing real R&D work, not reverse engineering.

I predict that in the not distant future R&D will be like manufacturing, mostly done in low wage countries. I wish it weren't true as that's my software engineering job out the window. However, for too many years I've been too actively involved in successful project moves to eastern Europe, India & China not to see the writing on the wall.
