GhostNet

| More
Loads of coverage of the GhostNet story at the weekend. The FT, NY Times, Sydney Morning Herald and BBC all highlight the Munk Centre for International Studies report on the cyber 'spying' network which has compromised government computer networks all around the world.

For those in the information security community it should come as no surprise that there are serious and organised individuals and groups using coordinated computer resources to deliberately and maliciously infiltrate attractive target networks. E-mail based threats are not new and have been the modus operandi for a whole bunch of people for at least the last five years or so. Back in 2005 Israel's hi-tech business sector was stunned by a major computer espionage scandal involving targeted trojan e-mail attacks. The anatomy of attacks has changed, accept it and lets move on.

Munk's report heavily hints at Chinese state sponsorship but there's no conclusive evidence at all and a causal relationship is draw between the physical location of the command and control infrastructure and the perpetrators of the activity. In this case a Chinese computer is implicated but that doesn't mean that China itself is the sponsor of GhostNet.

Heaven only knows how many unprotected, unpatched, poorly configured and poorly managed computer networks using unlicensed O/S there are in greater China. It's an easy and rich play ground for international organised e-crime to take advantage of inadequately protected computers to create multiple platforms for their attacks. Shooting fish in a barrel comes to mind. 

This is a fast and highly dynamic field and pinning the blame on a nation is, IMHO, too simplistic and naive. We're unlikely to ever know who the real source of this activity is and let's just accept that and get on with more valuable ways of using our time and attention. Instead lets focus our energy on raising standards of computing through education and awareness about the dangers everyone faces from vulnerable, poorly protected or poorly managed computer networks. We're all in this together!


Archives