Hacking allegations against China go back years
New reports about state-sponsored hackers from China shouldn’t surprise anyone who read a report by the cyber-research group at the Munk Centre at the University of Toronto.
Reports that Chinese state-sponsored hackers are active in Canada shouldn’t come as a surprise to anyone who familiar with the work of the Munk School of Global Affairs at the University of Toronto.
In 2009, the cyber-research group reported that a China-based “GhostNet” of hackers had broken into 1,295 computers around the world.
The study, entitled “Shadows in the Cloud; Investigating Cyber Espionage,” took 10 months to complete and concluded that there were infected host computers in 103 countries.
About 30 per cent of those targets were ministries of foreign affairs, non-government organizations (NGOs), embassies and news gathering organizations, the study said.
Among the targets was the Office of the Dalai Lama and the United Nations, the study concluded.
The 1,295 computers around the world were hit with a “ghost RAT,” a Trojan Horse system run from the island of Mainan in China, according to the Munk study.
“Documentation and reverse engineering of the modus operandi of the GhostNet system — including vectors, targeting, delivery mechanisms, data retrieval and control systems — reveals a covert, difficult-to-detect and elaborate cyber-espionage system capable of taking full control of affected systems,” the report concluded.
Chinese government officials reacted with scorn to the reports, the Star’s Bill Schiller reported at the time.
Dismissing the report as “rumours” and “lies,” it suggested a political motivation to the study.
“The problem is that there are some overseas people who are enthusiastically concocting rumours about China’s so-called Internet espionage,” Chinese Foreign Ministry spokesperson Qin Gang told Schiller.
Earlier this month, a U.S. grand jury charged five Chinese military officials with economic espionage and trade secret theft for hacking energy companies, including high-level ones involved in pipeline operation and energy generation.
The security company Symantec Corp. said in a blog post that the size and resources of the hacking operation — dubbed “Dragonfly” — suggested government involvement.
It stated that the hackers have been around since at least 2011 and work a 9 a.m. to 6 p.m. work week, from Mondays to Fridays.
In 2011, CBC News reported that cyberattacks linked to China had penetrated two federal departments, Treasury Board and Finance.
No comments:
Post a Comment
Comments always welcome!