Vast Electronic Spying Operation Discovered 303
homesalad writes "Researchers in Toronto have discovered a huge international electronic spying operation that they are calling 'GhostNet.' So far it has infiltrated government and corporate offices in 103 countries, including the office of the Dalai Lama (who originally went to the researchers for help analyzing a suspected infiltration). The operation appears to be based in China, and the information gained has been used to interfere with the actions of the Dalai Lama and to thwart individuals seeking to help Tibetan exiles. The researchers found no evidence of infiltration of US government computers, although machines at the Indian embassy were compromised. Here is the researchers' summary; a full report, 'Tracking "GhostNet": Investigating a Cyber Espionage Network' will be issued this weekend." A separate academic group in the UK that helped with the research is issuing its own report, expected to be available on March 29. Here is the abstract. They seem to be putting more stress on the "social malware" nature of the attack and ways to mitigate such techniques.
Re:From TFA (Score:4, Informative)
the abstract mentions that the attack was done using malwares. Firstly, I expected Chinese hackers (read govt.) smarter than this.
The bulk of Chinese intel is heavily distributed. The world's largest families don't need to rely on 007 agents; they can aggregate huge quantities of data by getting observant volunteers from the chinese diaspora to send bits of info back home through regular channels, like aunt Ping or even uncle James. It's so distributed it doesn't look like spying, and it isn't really, in the traditional sense.
This has driven counterintelligence agencies in 'western' democracies and republics to distraction. There are hardly any spooks to catch, mainly just a giant global gossamer net of informers, and enormous compiling and analysis operations in China. The 'agents', who are barely agents if at all, have strong deniability and can always fall back on complaints of harassment due to ethnic targeting. (Google the issue, it's amusing.)
I think it's brilliant, even if wholly dependent on the chinese sense of family ties. A malware attack is a similar approach: it doesn't look like the work of spies, at first, and it's broadly distributed. So, it's plausible that it could be a chinese intel operation, just from the M.O.
There is no "call in debt" (Score:2, Informative)
That isn't how treasury bonds work. There is no "call in debt" they are Bonds that are not instantly redeemable. Ten Year Bonds gets paid off in Ten years etc.
All they can do is attempt to sell all their bonds on the open market and destroy their value. In that case they cut off their onw nose to spite themselves.
Re:From TFA (Score:5, Informative)
Windows is much more prevalent and the low hanging fruit. I don't think Mac and Linux will be totally ignored, but the bulk of the effort will go where the bulk of the target are, and in a normal office environment that means Microsoft Windows, Office and Internet Explorer.
Re:Sanctions overdue (Score:3, Informative)
Re:Sanctions overdue (Score:5, Informative)
How do you think wealth is created? By magic? Hardly: it's by building and selling things to other countries, it's called trade.
This is categorically incorrect. You can create wealth without ever trading with another country on the entire planet. The idea that wealth only comes from a positive current account is a discredited idea that dates back to mercantilism.
You know how you really create wealth? By growing your GDP faster than your population, resulting in a growth in disposable income per capita. It doesn't matter if we're digging holes and filling them again, as long as at least one party in the economy finds this valuable to them.
Let's say I write a book and sell it to you for $10. Then let's say I pocket $2 of that as profit, then turn around and pay someone else $8 to print the book. That person turns around and pays someone else $6 for paper and ink. Etc., etc.
In exchange for your $10, you've made a whole series of people $2 richer, and you now own a book presumably worth $10 to you. That $10 just became $20 of national wealth, by the "magic" of economics. And no other countries were involved, no mining of gold or printing of money, just an input of domestic labor, capital, and resources to provide a product you value.
Economics is ultimately about everyone providing goods and services to everyone else. Money is just a mechanism for keeping score of who owes who what.
Re:Sanctions overdue (Score:2, Informative)
and c) everybody who imports your goods and services retaliates with tariffs.
I recall when Bush applied import tariffs to steel in 2002 [wikipedia.org]. The EU responded with tariffs designed to be equal in value, but applied them to a selection of goods very carefully picked to do him as much political damage as possible.
Re:Target operating system? (Score:2, Informative)
> The Mac OS and Linux/BSD are much harder malware targets, for many reasons.
> Lack of an easy way to insert and run an executable file being one.
Actually running something on a Linux system is easy, just perhaps not as root. But if you browse the poisoned site from your account and got your 'secret' stuff in ~/documents I'd imagine, that it can be gotten to from just the normal user context.
So the question the researchers bring up on how to defend against such attacks is a very valid one, and while Mac and Linux may make it a bit harder for now, it doesn't make the attacks impossible. I can only imagine, that a severely SELinux'ed environment and/or actual sandboxing of Internet-exposed apps (browser, e-mail etc.) in virtual machines will be part of any solution (even though a virtual machine with just your e-mail is probably still vulnerable to having *all* your mail exposed therein). Suggestions anyone?
Re:From TFA (Score:3, Informative)
Because it's exponentially more difficult to infect non-Windows computers?
After all, Macs are what, 5% of the computing world at this point? And yet, not 0.005% of the virus infections are on Macs.
The old saw of Macs or Linux or whatever not being worth targeting doesn't sing.
Re:Is anyone's computer 100% secured? (Score:3, Informative)
ssh? Sorry. Maybe it should have been ssl.