Categories
Aktuellt Internet

Kina – inte bara en ekonomisk supermakt

En forskargrupp vid University of Toronto, med 34-årige Nart Villeneuve som superhacker, har kartlagt spionageaktiviteter som styrs från Kina. De har funnit 1295 st smittade värddatorer i 103 länder, varav nästan 30% av datorerna har anknytning till mycket viktiga verksamheter.

Angriparen har i flera fall kunnat fjärrstyra den angripna datorn – inklusive kringutrustning såsom webcams och mikrofoner samt få tillgång till hela filsystemet.

Fr v Ronald J. Deibert, Greg Walton, Nart Villeneuve och Rafal A. Rohozinski (Bild: Tim Leyes for The New York Times)
Fr v Ronald J. Deibert, Greg Walton, Nart Villeneuve och Rafal A. Rohozinski (Bild: Tim Leyes for The New York Times)
Utrikesdepartementen i de här länderna har drabbats:
  • Iran
  • Bangladesh
  • Lettland
  • Indonesien
  • Filippinerna
  • Brunei
  • Barbados
  • Bhutan
Följande länders ambassader:
  • Indien
  • Sydkorea
  • Indonesien
  • Rumänien
  • Cypern
  • Malta
  • Thailand
  • Taiwan
  • Portugal
  • Tyskland
  • Pakistan
Organisationer
  • ASEAN (Association of Southeast Asian Nations)
  • SAARC (South Asian Association for Regional Cooperation)
  • Asian Development Bank
  • Nyhetsorganisationer
  • en okänd dator på NATOs högkvarter

Läs mer här:

Dagens Nyheter

Forskaren Nart Villeneuves sajt

Artikel i New York Times

Hela rapporten:
Tracking GhostNet: Investigating a Cyber Espionage Network Tracking GhostNet: Investigating a Cyber Espionage Network The SecDev Group This report documents the GhostNet – a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised giving attackers access to potentially sensitive information, including documents from the private office of the Dalai Lama. The report presents evidence showing that numerous computer systems were compromised in ways that circumstantially point to China as the culprit. But the report is careful not to draw conclusions about the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. The report argues that attribution can be obscured.

The report concludes that who is in control of GhostNet is less important than the opportunity for generating strategic intelligence that it represents. The report underscores the growing capabilities of computer network exploitation, the ease by which cyberspace can be used as a vector for new do-it-yourself form of signals intelligence. It ends with warning to policy makers that information security requires serious attention.

Publish at Scribd or explore others: Published Research Academic Work malware information warfare