| The same Internet security analysts who identified and | | | | and Project Shakti. |
| revealed the surveillance ring known as GhostNet | | | | In addition, over 1,500 letters sent from the Office of |
| published another report today, revealing a vast | | | | the Dalai Lama between January and November of |
| "Shadow network" of online espionage based in | | | | last year were among those files recovered. |
| China's Sichuan Province. | | | | When questioned about the report on Monday, |
| The report, titled "Shadows in the Cloud: Investigating | | | | Chengdu's propaganda official Ye Lao dismissed the |
| Cyber Espionage 2.0," is the product of a collaborative | | | | notion of Chinese government involvement as |
| effort between Canada's Information War Monitor and | | | | "ridiculous." |
| America's Shadowserver Foundation. The Information | | | | "The Chinese government considers hacking a cancer |
| War Monitor is a public-private joint venture linking the | | | | to the whole society," he went on to say. |
| Citizen Lab at the University of Toronto's Munk School | | | | While the report does not directly implicate the |
| for International Studies to Ottawa-based think tank | | | | government in Beijing, it does maintain a critical stance |
| The SecDev Group. The Shadowserver Foundation is | | | | towards the overall Internet environment which it |
| a group of volunteer Internet security professionals | | | | believes is permitted to thrive in China. |
| that gather, track, and report on malware, botnet | | | | "We have no evidence in this report of the |
| activity, and electronic fraud. | | | | involvement of the People's Republic of China or any |
| While operating from the Munk School, the international | | | | other government in the Shadow network," the report |
| Internet security team has monitored a complex | | | | said. "But an important question to be entertained is |
| ecosystem of cyber espionage originating in the | | | | whether the PRC will take action to shut the Shadow |
| Chinese city of Chengdu over an eight month period. | | | | network down. Doing so will help to address |
| Using popular online social-media tools such as Twitter, | | | | long-standing concerns that malware ecosystems are |
| Google Groups, Blogspot, Baidu Blogs, blog.com, and | | | | actively cultivated, or at the very least tolerated, by |
| Yahoo Mail, the hackers breached and compromised | | | | governments like the PRC who stand to benefit from |
| computer networks within India, the Offices of the | | | | their exploits through the black and grey markets for |
| Dalai Lama, the United Nations, and several other | | | | information and data." |
| countries and organizations. The Indian government | | | | This illustrates the underlying propellant of cyber |
| and the Dalai Lama, however, were undoubtedly the | | | | espionage operations like those uncovered in China; |
| parties most affected by the attacks. | | | | where even if the information isn't being stolen under |
| Among the documents recovered by the online | | | | the direction of the government, there remains a |
| security analysts in Toronto were several encrypted | | | | lucrative market for the data to be sold to interested |
| confidential files belonging to the Indian government. | | | | parties. And while the authors of the report admit that |
| "These documents contain sensitive information taken | | | | it is out of their realm to speculate as to the motives |
| from a member of the National Security Council | | | | of the hackers, there is one particular party that |
| Secretariat concerning secret assessments of India's | | | | comes to mind that may be interested in acquiring the |
| security situation in the states of Assam, Manipur, | | | | correspondence of the Dalai Lama and confidential |
| Nagaland and Tripura, as well as concerning the | | | | reports belonging to the Indian government. |
| Naxalites and Maoists," the report said. "In addition, they | | | | "It's like the world of art theft, where you steal things |
| contain confidential information taken from Indian | | | | that have a very high value, as long as you can find a |
| embassies regarding India's international relations with | | | | buyer," said Rafal Rohozinski, senior research adviser |
| and assessments of activities in West Africa, Russia | | | | at Citizen Lab and CEO of SecDev Group, according |
| Commonwealth of Independent States and the Middle | | | | to The Globe and Mail. |
| East, as well as visa applications, passport office | | | | "So the question of course is, who's the buyer? Is the |
| circulars and diplomatic correspondence." | | | | buyer paying the thief to go after this stuff, or is the |
| The hackers may have also obtained confidential | | | | thief doing it themselves because they know they can |
| information from Indian military personnel on the | | | | find a buyer? That's one of those things that we don't |
| Pechora Missile System, the Iron Dome Missile System, | | | | really have a good answer for," said Rohozinski. |