Canadian researchers reveal how they cracked Chinese spy scam on Dalai Lama.

Byline: ANI

Toronto (Canada), Mar. 30 (ANI): A 34-year-old international relations student and part-time tech geek at Toronto's Munk Centre for International Studies tried everything to track down a piece of malicious software that had infected computers around the world, including those in the offices of Tibetan spiritual leader, the Dalai Lama. Finally, he turned to the ultimate hacker's tool: He entered some of the code from those infected computers into Google. Just like that, he found one of the cyber-spy network's control servers, then another, and another. From that Eureka moment came a flood of information, almost all of it suggesting the ring originated in China.

A team of Canadian researchers revealed this weekend a network, dubbed GhostNet, of more than 1,200 infected computers worldwide that includes such "high-value targets" as Indonesia's Ministry of Foreign Affairs and the Indian Embassy in Kuwait, as well as a dozen computers in Canada.
The revelation left government bodies around the world scrambling to determine what sensitive files may have been compromised by the cyber-spy network, which even now continues to spread and infect, its authors apparently undaunted by all the extra attention. The revelation that the vast majority of the attacks appear to originate from China has prompted an angry denial from Beijing, which slammed the report as nonsense.

It is hard to believe that the search for the origins of the massive cyber breach began just a few months ago in a room at the foothills of the Himalayas, with a Canadian researcher watching a 'ghost' steal a file from the Dalai Lama. Greg Walton showed up in Dharamsala in September of last year to determine whether somebody was trying to spy on the Dalai Lama's computer. With a background in international relations and computer science, British-born Walton had been advising the Tibetan government on security issues since the late 1990s. The Dalai Lama's Geneva-based adviser had recently asked him to check whether Tibetan government computers had been the subject of an attack.

"We were granted unprecedented access to the private office and to the computer systems," says Walton, who is one of three researchers at the Munk Centre's Citizen Lab - along with Villeneuve and lab head Ron Deibert - who worked on the 10-month investigation in conjunction with the SecDev Group, an Ottawa-based consultancy.

What Walton found was a thoroughly compromised computer system, infected with so-called "malware" that allowed a mysterious outside entity to not only spy on the computer, but also extract data from it. Researchers watched someone, somewhere, extract a copy of a document detailing the negotiating positions of the Dalai Lama's envoy. "What we were witnessing was an international crime taking place," says Professor Deibert.
Walton recorded the activity and eventually returned to Toronto with some 1.2 gigabytes of raw data - countless lines of often-incomprehensible code - for Villeneuve to sift through. The researchers at the Citizen Lab weren't new to this kind of thing. Last year, they revealed the logging of millions of text messages sent by users of a Chinese Skype service. Mr. Villeneuve had learned some tricks during that endeavour, such as searching for improperly configured servers and sifting through their directories for useful files. He tried the same tricks this time, but nothing worked. The researchers knew there was a backbone behind the malicious software on the Dalai Lama's office computers, but they couldn't pinpoint it.

Then one day, a couple of weeks ago, Villeneuve came across a line of code that appeared to begin with a number that signified a date. In an interview on Sunday, he was momentarily reluctant to disclose the seemingly elite hacker's tool he unleashed on that piece of code in order to get it to spill its secrets. Finally, he said: "I put it in Google, man." The obvious paid off. Soon, Villeneuve was led to a U.S.-based server that turned out to be one of the so-called "control" servers behind the malicious code. Whoever Villeneuve was following turned out to be very systematic in his approach, and the researcher found that changing a single number or letter in a piece of code led him to another control server.

Soon, the investigators found four control servers, each containing a list of all infected computers that have reported to the server, as well as code to issue and monitor commands to the infected computers. If the 1,295 infected computers in 103 different countries were the limbs, the four servers were the spine, and three of those servers were located in China. Professor Deibert is cautious not to allege that the Chinese government

"The evidence that we have shows that the majority of the control servers were located in China. The interface to controlling the infected hosts on these servers in China was in Chinese. And the remote Trojan favoured by the attackers is a Trojan coded by Chinese hackers," says Villeneuve. One of the four servers, located in Hainan Island, also traced back to a Chinese government server.

Chinese officials in Canada could not be reached for comment on Sunday, but Beijing has reportedly denied any involvement in the cyber spy ring, slamming the investigation's findings. (ANI)

Copyright 2009 Asian News International (ANI) - All Rights Reserved. Provided by Syndigate.info an Albawaba.com company