Large Cyber Espionage Network Disclosed


The New York Times and the London Guardian among others are reporting (here and here) that researchers based at the Munk Center for International Studies at the University of Toronto, have discovered an Internet spy network apparently based in China that has infiltrated at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices in India, Brussels, London and New York.

The spy network, dubbed GhostNet, has been operating for at least two years, according to the researchers (you can see their report called Tracking GhostNet: Investigating a Cyber Espionage Network here). The researchers say that there is no proof that the Chinese government is behind the network, and the Chinese government has indignantly denied any involvement.

In another IT security story in the London Telegraph, apparently the IT systems at the Houses of Parliament have been infected with the Conficker worm. Given that Conficker has been around since last November, the incident has raised serious questions about the robustness of Parliamentâ''s security procedures. Things may get more interesting on 1 April if it isnâ''t removed from Parliamentâ''s computer systems, when Conficker is supposed to do something, although no one is quite sure what.

Finally, there is a story in today's Sunday London Times that claims that Alex Allan, chairman of the British Joint Intelligence Committee (JIC) has warned ministers that â''China may have gained the capability to shut down Britain.â''

According to the story, equipment in BTâ''s new BT 21CN communications network installed by the Chinese telecom company Huawei, could be used to interfere with critical services such as power, food and water supplies by remotely activating hidden malicious software or hardware.

Huawei, has had (and according to the Pentagon, still has) close ties to the Peopleâ''s Liberation Army (PLA) in the past.

The Times story says that, â''Huawei denies any continuing links to the PLA. A spokeswoman at the companyâ''s UK headquarters dismissed the alleged links as â''rumour and speculationâ''.â''

One telecom expert pointed out that given that Chinese telecom equipment is used throughout the world, the UK is no more or less vulnerable than anyone else.

I guess that is one way of looking at it.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Robert Charette
Spotsylvania, Va.
Willie D. Jones
New York City