Cyber-spies used social sites to trick Dalai Lama’s office: US expertMarch 30th, 2009 - 8:13 pm ICT by IANS -
By Arun Kumar
Washington, March 30 (IANS) A Chinese cyber-espionage network used sophisticated social and computer engineering techniques to trick the Dalai Lama’s office into downloading malicious software, according to a cyber security expert.
Researchers, based at the Munk Center for International Studies at the University of Toronto in Canada, Sunday reported that the spy ring had infiltrated computers and stolen documents from hundreds of government and private offices around the world, including those of the Indian embassy in Washington.
The software was attached to e-mails that purported to come from colleagues or contacts in the Tibetan movement, according to researcher Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, cited by the Washington Times Monday.
The software stole passwords and other information, which in turn gave the hackers access to the office’s e-mail system and documents stored on computers there.
“The intelligent and highly coordinated use of social engineering and [malicious software] techniques is extraordinarily effective,” Anderson told the Times, warning that the techniques involved could easily be used by cybercriminals to victimise major companies.
“It is only a matter of time before we see [these techniques] used by cybercriminals,” he said. “The existing accounting systems of Fortune 500 companies are designed to withstand one crooked person… or one compromised computer at a time,” he added, noting that the techniques employed against the Dalai Lama’s office enable hackers to compromise entire departments’ computer networks.
After analysing the software, Anderson and his colleagues turned their data over to researchers at the Munk Center, which published its findings Sunday.
“There is no doubt that this is a Chinese state actor at work,” Anderson said. “There is a lot of concurrence between what we found on the ground and what is known about Chinese information-warfare capabilities and doctrine… The targets are a very good fit with Chinese strategic intelligence priorities.”
The Toronto researchers declined to be so definite about who was behind the attacks.
Former senior US cybersecurity official Greg Garcia was similarly cautious, telling the Times that “attribution is a hall of mirrors”.
“There are a whole range of complex technical and other questions that have to be resolved… before you start pointing fingers,” said Garcia, who was assistant secretary for cybersecurity and communications at the Department of Homeland Security from October 2006 to last December.
He said it was the prevalence of such threats “from all over the world” that led the Bush administration to launch the Comprehensive National Cyber Initiative last year. “Congress and the Obama administration need to use that momentum and accelerate funding and implementation,” he said. “This is a race being run on internet time.”
- Chinese hack into Indian embassies, steal Dalai Lama's documents - Mar 29, 2009
- Canadian researchers uncover spy plot against Dalai Lama - Mar 29, 2009
- Hackers can't hack top-secret data of military: Internet scientist - May 21, 2009
- Over 100 countries hit by electronic spying operation (Lead) - Mar 29, 2009
- Swine flu spam mails fox users - May 04, 2009
- Colonies of Cybots may defend government networks against network intruders - Mar 06, 2009
- China capable of launching cyber attack on UK - Mar 29, 2009
- Canadian researchers reveal how they cracked Chinese spy scam on Dalai Lama - Mar 30, 2009
- Dalai Lama's office admits computers have been hacked - Mar 30, 2009
- Chinese official denies government hand in cyber attacks - May 05, 2008
- - Sci-Tech
- - accounting systems
- - anderson professor
- - arun kumar
- - cambridge computer laboratory
- - chinese state
- - cybercriminals
- - dalai lama
- - e mail system
- - espionage network
- - fortune 500 companies
- - indian embassy in washington
- - ross anderson
- - security engineering
- - software techniques
- - spy ring
- - state actor
- - tibetan movement
- - university of cambridge
- - university of toronto
- - washington times
Posted in Sci-Tech, |