We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

A View from Erica Naone

Vast Web Espionage Network Discovered

By using botnets, politically motivated attackers can enjoy relative impunity.

  • March 30, 2009

More than 1,200 computers worldwide have reportedly been infected by what appears to be a politically motivated spy system. Researchers from the Munk Centre for International Studies at the University of Toronto discovered the sprawling “Ghostnet” after being asked to analyze computers belonging to the office of the Dalai Lama. According to Nart Villeneuve, a PhD student and one of the researchers involved:

Close to 30 [percent] of the infected hosts are considered high-value and include computers located at ministries of foreign affairs, embassies, international organizations, news media, and NGOs. The investigation was able to conclude that Tibetan computer systems were compromised by multiple infections that gave attackers unprecedented access to potentially sensitive information, including documents from the private office of the Dalai Lama.

Although some have attributed the spying to the Chinese government, the Toronto researchers say they can’t definitely pin the system to any particular group, even if it seems likely that it’s being run by people based in China.

That sort of uncertainty is the way of the future. In a recent story about politically motivated denial of service attacks, I wrote:

A big problem with these politically motivated attacks, according to Jose Nazario, manager of security research for Arbor Networks, is that it’s particularly hard to pinpoint who is really responsible. While it’s easy to determine which botnet is the source of an attack, it’s far harder to determine who might be paying for the attack. This is a big worry for governments looking for redress or retaliation.

The Internet–amazing, distributed technology that it is–offers plausible deniability for those who would take advantage of its darker side. The University of Toronto researchers noted that lack of clarity surrounding international law also makes it hard to pursue the investigation to a satisfying conclusion. Whether used for denial-of-service attacks or spying, the relative legal immunity these botnets enjoy will make them a tempting tool for unscrupulous organizations for a long time to come. Villeneuve concludes:

Regardless of who or what is ultimately in control of GhostNet, it is the capabilities of exploitation, and the strategic intelligence that can be harvested from it, which matters most. Indeed, although the Achilles’ heel of the GhostNet system allowed us to monitor and document its far-reaching network of infiltration, we can safely hypothesize that it is neither the first nor the only one of its kind.

Hear more about security from the experts at the Business of Blockchain on April 23, 2018 in Cambridge.

Learn more and register
Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.