Google cyber attack: the evidence against China
Hackers in China are attacking US companies like Google with 'professional quality, organization, and discipline' – raising the specter that the government is involved in the cyber attacks.
(Page 2 of 2)
Researchers found through reverse engineering "a covert, difficult-to-detect, and elaborate cyberespionage system capable of taking full control of affected systems," according to a March report by Information Warfare Monitor, a group that includes University of Toronto Researchers and The SecDev Group, an Ottawa cybersecurity firm.Skip to next paragraph
Subscribe Today to the Monitor
In each case, a Trojan program was downloaded that allowed the attackers real-time control of the computers traceable to "commercial Internet accounts on the island of Hainan," home of the lingshui signals intelligence facility and the Third Technical Department of the People's Liberation Army.
"Definitely what we're seeing is a new method of infiltrating targeted computers," says Ron Deibert of the Munk Centre for International Studies at the University of Toronto, whose team identified the existence and targets of the GhostNet in an article published in March 2009.
"The significance of GhostNet is that the targeted computers were collected using targeted malware in a systematic manner, not randomly – and because of their strategic relationship to each other," he says. "They all related in some manner to China's strategic, economic, or foreign policy interests."
The GhostNet system attacks used e-mails with subject matter that is tailored to be relevant to the target, along with an attachment "packed with exploit code and Trojan horse programs,” the report said.
Once the attachment is opened, “files located on infected computers may be mined for contact information and used to spread malware through e-mail and document attachments that appear to come from legitimate sources, and contain legitimate documents and messages," the report said.
That's a pattern that has been replicated at other companies – and the US more broadly, according to the US-China commission report.
The information targeted in the US could potentially benefit a rival nation’s “defense industry, space program, selected civilian high technology industries, [or] foreign policymakers interested in US leadership thinking on key China issues,” the report says.
“The report takes no regard of the true situation,” he said in a statement posted on a government web site. “It is full of prejudice, and out of ulterior motive. We urge the so-called commission not to see China through colored lens and not to do things that interfere with China’s internal affairs and undermine China-US relations."
Follow us on Twitter.