Posted on 03/30/2009 4:28:48 PM PDT by rgr
A cyberespionage network, known as GhostNet, possibly operating out of China, is making use of malicious websites and phishing emails to take control of hundreds of sensitive government machines across 103 countries, researchers revealed this weekend.
A pair of Canadian researchers at the Munk Center for International Studies at the University of Toronto said GhostNet struck "high-value targets," such as foreign embassies and ministries, and even a NATO network. So far, some 1,300 computers have been infected by servers that trace back to China. The researchers, Ron Deibert and Rafal Rohozinski, released their 53-page report Sunday after 10 months of investigation. The attacker(s) are able to exploit several infection vectors, the researchers wrote. First, they create web pages that contain drive-by exploit code that infects the computers of those who visit the page. Second, the attacker(s) have also shown that they engage in spear phishing in which contextually relevant emails are sent to targets with PDF and DOC attachments.
In the spear-phishing attacks, when the attachments are downloaded, they create backdoors that cause the infected computer to connect to a control server and await further instructions, the researchers wrote. The compromised machines then can be directed to download and install a remote administration trojan.
The attackers seem to be a cut above the average hacker, considering some of the techniques they used to spread the infection.
Some of the things they did indicate that they were very sophisticated, Phil Neray, vice president of security strategy for Guardium, told SCMagazineUS.com on Monday. The machines were told to send the data stolen using a Tor network in an encrypted form. Also, the way the trojans communicated with the command servers made use of a complex control program that enabled them to completely control users' PCs. The GhostNet operation is still operating and continues to hit more than a dozen additional computers per week, according to the University of Toronto researchers. Other targets of the attacks included foreign ministries and embassies of countries such as of Bangladesh, Bhutan, Cyprus, Germany, Iran, India, Indonesia, The Philippines, and Romania, among 103 others.
These organizations are almost certainly oblivious to the compromised situation in which they find themselves, the researchers said. The computers of diplomats, military attachés, private assistants, secretaries to prime ministers, journalists and others are under the concealed control of unknown assailant(s).
The researchers were careful to say that no real evidence exists that the government of China was directly involved, though they did say that GhostNet does not appear to be a typical cybercrime network.
The potential political fallout is enormous, they wrote. But ultimately, the question of who is behind the GhostNet may matter less than the strategic significance of the collection of affected targets GhostNet represents a network of compromised computers resident in high-value political, economic and media locations spread across numerous countries worldwide.
Not everyone agrees that China is uninvolved speculation abounds that the Chinese government has some responsibility, even though it has officially denied any link.
The IP addresses go back to China, Rick Howard, intelligence director for VeriSign iDefense, told SCMagazineUS.com Monday. "This attack seems to target specific organizations government organizations. That adds credence to the possibility that some government espionage organization was doing this.
The impetus for investigating the reports of GhostNet was, in part, a request from Tibet's government-in-exile, on behalf of the Dalai Lama, Tibet's exiled spiritual leader.
"The investigation was able to conclude," the researchers wrote, "that Tibetan computer systems were compromised by multiple infections that gave attackers unprecedented access to potentially sensitive information, including documents from the private office of the Dalai Lama."
Don’t plug in your mic or webcam with mic...
problem solved...
[2009] Russia, China plan new joint military exercises
By MARTIN SIEFF, UPI Senior News Analyst
Published: March 26, 2009
WASHINGTON, March 26 (UPI) -- The continuing tensions over Russia's refusal to sell its state-of-the-art land warfare advanced weapons systems to China hasn't interrupted the rhythm of major joint military exercises between the two major land powers on the Eurasian landmass. The latest in the regular, biennial series of exercises between the two nations has been confirmed for this summer.
The next in the now well-established series of exercises called Peace Mission 2009 will be carried out in northeastern China, the Russian Defense Ministry announced March 18, according to a report carried by the RIA Novosti news agency.
The first bilateral Peace Mission maneuvers -- described at the time as counter-terrorism exercises -- were held in Russia and the eastern Chinese province of Shandong in August 2005. As we reported at that time, they were a lot bigger than mere counter-terrorism exercises. Warships, squadrons of combat aircraft and more than 10,000 troops were involved carrying out landings against hypothetically hostile shores. The maneuvers also involved large-scale paratroops drops. The scale and nature of those exercises suggested a trial run for a possible Chinese invasion of Taiwan with Russian support. ..."
http://www.upi.com/Security_Industry/2009/03/26/Russia_China_plan_new_joint_military_exercises/UPI-25021238094858/
_____________________________________________________________
U.S. Department of Defense:
China Military Power Report
(Full report: 18.4 MB on PDF file, 78 pages)
http://www.defenselink.mil/pubs/pdfs/China_Military_Power_Report_2009.pdf
_____________________________________________________________
Executive Summary
Chinas rapid rise as a regional political and economic power with growing global influence has significant implications for the Asia-Pacific region and the world. The United States welcomes the rise of a stable, peaceful, and prosperous China, and encourages China to participate responsibly in world affairs by taking on a greater share of the burden for the stability, resilience, and growth of the international system. The United States has done much over the last 30 years to encourage and facilitate Chinas national development and its integration into the international system. However, much uncertainty surrounds Chinas future course, particularly regarding how its expanding military power might be used.
The Peoples Liberation Army (PLA) is pursuing comprehensive transformation from a mass army designed for protracted wars of attrition on its territory to one capable of fighting and winning short-duration, high-intensity conflicts along its periphery against high-tech adversaries an approach that China refers to as preparing for local wars under conditions of informatization. The pace and scope of Chinas military transformation have increased in recent years, fueled by acquisition of advanced foreign weapons, continued high rates of investment in its domestic defense and science and technology industries, and far-reaching organizational and doctrinal reforms of the armed forces. Chinas ability to sustain military power at a distance remains limited, but its armed forces continue to develop and field disruptive military technologies, including those for anti-access/area-denial, as well as for nuclear, space, and cyber warfare, that are changing regional military balances and that have implications beyond the Asia-Pacific region.
The PLAs modernization vis-à-vis Taiwan has continued over the past year, including its build-up of short-range missiles opposite the island. In the near-term, Chinas armed forces are rapidly developing coercive capabilities for the purpose of deterring Taiwans pursuit of de jure independence. These same capabilities could in the future be used to pressure Taiwan toward a settlement of the cross-Strait dispute on Beijings terms while simultaneously attempting to deter, delay, or deny any possible U.S. support for the island in case of conflict. This modernization and the threat to Taiwan continue despite significant reduction in cross-Strait tension over the last year since Taiwan elected a new president.
The PLA is also developing longer range capabilities that have implications beyond Taiwan. Some of these capabilities have allowed it to contribute cooperatively to the international communitys responsibilities in areas such as peacekeeping, humanitarian assistance and disaster relief, and counter-piracy. However, some of these capabilities, as well as other, more disruptive ones, could allow China to project power to ensure access to resources or enforce claims to disputed territories.
Beijing publicly asserts that Chinas military modernization is purely defensive in nature, and aimed solely at protecting Chinas security and interests. Over the past several years, China has begun a new phase of military development by beginning to articulate roles and missions for the PLA that go beyond Chinas immediate territorial interests, but has left unclear to the international community the purposes and objectives of the PLAs evolving doctrine and capabilities. Moreover, China continues to promulgate incomplete defense expenditure figures and engage in actions that appear inconsistent with its declaratory policies. The limited transparency in Chinas military and security affairs poses risks to stability by creating uncertainty and increasing the potential for misunderstanding and miscalculation. The United States continues to work with our allies and friends in the region to monitor these developments and adjust our policies accordingly. ..."
Full report: 18.4 MB on PDF file, 78 pages:
http://www.defenselink.mil/pubs/pdfs/China_Military_Power_Report_2009.pdf
Source: Pentagon website:
http://www.pentagon.mil/
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.