The people who uncovered GhostNet have found a completely separate hacking network that mainly targeted the Indian government. The “Shadow Network”, as this network is now known, has been traced to two people living in Chengdu, China.
China is largely believed to possess a Cyber Warfare Doctrine that is designed to achieve global “electronic dominance” by 2050. With a yearly budget of $55 million allotted for it and over 10,000 hackers working in tandem, China is second only to U.S. when it comes to cyber snooping prowess.
Chinese hackers compromised computers using malware that traveled as Microsoft Office or PDF files, and used relatively well-known exploits. Once on a machine, however, the malware would communicate with a specific Yahoo Mail account, which allowed it to receive more sophisticated software via attachments, and alert the network to its identity.
The command-and-control network operated primarily through free webhosting services, many of them operating from within the US. As these systems came and went, various social networking services—Google and Baidu blogs, Twitter, etc.—were used to supply the infected systems with a list of alternate hosts. Fortunately for the researchers, at times when a lot of the free webhosts were taken out of action, the social networking updates revealed a core of servers that remained constant; these were exclusively hosted within China.
It seems that the upcoming Commonwealth games in India is one of the primary targets. Ticket sales, and online registration servers have been compromised. The hackers had also looked into tender documents for the Commonwealth games network infrastructure.
It also seems that the hackers have laid their hands on information on missile systems being developed by India, a list of visas issued by Indian embassies and other sensitive information.
This is not the first time India was under from these Chinese hackers. In 2008 and 2009 too, there were a number of small attacks on computers of the Indian Ministry of External Affairs. As many as 450 computers belonging to the India Government – including that of the then National Security Adviser (NSA) M.K. Narayanan and Deputy NSA Shekhar Dutt and the chiefs of the navy, army and air force besides officials in the defense intelligence agencies were infected.
No comments:
Post a Comment