Time , AP TORONTO – A cyber spy network based mainly in China has tapped into classified documents from government and private organizations in 103 countries, including the computers of Tibetan exiles, Canadian researchers said Saturday. The work of the Information Warfare Monitor initially focused on allegations of Chinese cyber espionage against the Tibetan community in exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said. “We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama,” investigator Greg Walton said. The research group said that while its analysis points to China as the main source of the network, it has not conclusively been able to detect the exact identity or motivation of the hackers. The Chinese Embassy in Toronto did not immediately return calls for comment. Students For a Free Tibet activist Bhutila Karpoche said she was not surprised about the possibility that China could be behind the network. “Our computers have been hacked into numerous times over the past 4 to 5 years and especially in the past year,” Karpoche said. She said she often gets e-mails that end up containing viruses that crash the group’s computers. The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies. The group’s initial findings lead to a 10-month investigation that has been summarized in the report, “Tracking GhostNet: Investigating a Cyber Espionage Network.” It will be released online Sunday. The researchers detected a cyber espionage network involving over 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan. Once the hackers infiltrated the systems, they gained control using malware — software they install on the compromised computers — and sent and received data from them, the researchers said.
China Spying On Internet Use In Hotels
July 29, 2008
Foreign-owned hotels in China face the prospect of “severe retaliation” if they refuse to install government software that can spy on Internet use by hotel guests coming to watch the summer Olympic games, a U.S. lawmaker said Tuesday.
Sen. Sam Brownback, R-Kan., produced a translated version of a document from China’s Public Security Bureau that requires hotels to use the monitoring equipment.
“These hotels are justifiably outraged by this order, which puts them in the awkward position of having to craft pop-up messages explaining to their customers that their Web history, communications, searches and key strokes are being spied on by the Chinese government,” Brownback said at a news conference.
A spokesman for the Chinese embassy in Washington did not immediately respond to a request for comment.
Brownback said several international hotel chains confirmed receiving the order from China’s Public Security Bureau. The hotels are in a bind, he said, because they don’t want to comply with the order, but also don’t want to jeopardize their investment of millions of dollars to expand their businesses in China. The hotel chains that forwarded the order to Brownback are declining to reveal their identities for fear of reprisal.
Earlier this year, the U.S. State Department issued a fact sheet warning travelers attending the Olympic games that “they have no reasonable expectation of privacy in public or private locations” in China.
“All hotel rooms and offices are considered to be subject to on-site or remote technical monitoring at all times,” the agency states.
The Public Security Bureau order threatens that failure to comply could result in financial penalties, suspending access to the Internet or the loss of a license to operate a hotel in China.
“If you were a human rights advocate, if you’re a journalist, you’re in room 1251 of a hotel, anything that you use, sending out over the Internet is monitored in real time by the Chinese Public Security bureau,” Brownback said. “That’s not right. It’s not in the Olympic spirit.”
Brownback and other lawmakers have repeatedly denounced China’s record of human rights abuses and asked President Bush not to attend the Olympic opening ceremonies in Beijing.
Brownback was introducing a resolution in the Senate on Tuesday that urges China to reverse its actions.
China To Censor Internet During Olympics
July 29, 2008
China will censor the Internet used by foreign media during the Olympics, an organising committee official confirmed Wednesday, reversing a pledge to offer complete media freedom at the games.
“During the Olympic Games we will provide sufficient access to the Internet for reporters,” said Sun Weide, spokesman for the organising committee.
He confirmed, however, that journalists would not be able to access information or websites connected to the Falungong spiritual movement which is banned in China.
Other sites were also unavailable to journalists, he said, without specifying which ones.
BBC China has been monitoring and censoring messages sent through the internet service Skype, researchers say.
Citizen Lab, a Canadian research group, says it found a database containing thousands of politically sensitive words which had been blocked by China.
The publically available database also displayed personal data on subscribers.
Skype said it had always been open about the filtering of data by Chinese partners, but that it was concerned by breaches in the security of the site.
Citizen Lab researchers, based at the University of Toronto, said they discovered a huge surveillance system which had picked up and stored messages sent through the online telephone and text messaging service.
The database held more than 150,000 messages which included words such as “democracy” and “Tibet” and phrases relating to the banned spiritual movement, Falun Gong.
“These text messages, along with millions of records containing personal information, are stored on insecure publicly accessible web servers,” said Citizen Lab’s report, entitled “Breaching Trust”.
They said that by using one username, it was possible to identify all the people who had sent messages to or received them from the original user.