Foreign Ministry mum on Chinese cyber spy ring

Hackers allegedly gained entry to some 1,300 diplomatic computers around the world.

HP laptop computer 224.8 (photo credit: Courtesy)
HP laptop computer 224.8
(photo credit: Courtesy)
Foreign Ministry officials said on Sunday they were unaware of a Chinese cyber spy ring whose existence was revealed over the weekend. It reportedly hacked into classified documents from government and private organizations in 103 countries. "I have no information about it," a Foreign Ministry spokesman told The Jerusalem Post. "I'm not aware of it, and even if there had been some sort of breach, I'm not sure that anything would be released, because our relationship with China is so sensitive." "It's a very strange story," another spokesman said. "But we don't have any additional information on it." Researchers from the Canadian operational think tank Information Warfare Monitor - the research group that flagged the on-line espionage - said they had detected a cyber spy network involving more than 1,295 compromised computers from the foreign ministries of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in embassies belonging to India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan. While Information Warfare Monitor initially focused on allegations of Chinese cyber espionage against the Tibetan community in exile, their work eventually led to a much wider network of compromised machines, the Internet-based research group said. "We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama," investigator Greg Walton said. It was unclear on Sunday if Israel was one of the countries whose foreign ministry computers had been compromised. The research group said that while its analysis pointed to China as the main center of the network, it had not been able to conclusively determine the identity or motivation of the hackers. Students For a Free Tibet activist Bhutila Karpoche, a leading activist in Toronto's Tibetan-Canadian community, said her organization's computers have been hacked into numerous times over the past four or five years, and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group's computers. Information Warfare Monitor is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto's Munk Centre for International Studies. The group's initial findings led to a 10-month investigation summarized in a report that was released on-line Sunday. Once the hackers infiltrated the systems, they gained control using malware - software they install on the compromised computers - and sent and received data from them, the researchers said. Two researchers at Cambridge University who worked on the part of the investigation related to the Tibetans also released their own report on Sunday. In an on-line abstract for "The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement," Shishir Nagaraja and Ross Anderson write that while malware attacks are not new, these attacks should be noted for their ability to collect "actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed." Prevention of such attacks will be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures. they said. Chinese officials came under scrutiny in October after it was revealed that the Chinese version of the popular Internet-telephone platform Skype, TOM-Skype, had been spying on its users. Keywords and specific usernames were reported to Chinese officials after they used terms such as "Independent Taiwan," "Tibet," or "The Dalai Lama," among others.