Join our Mailing List

"Canada can, within a positive friendly atmosphere, ask the Chinese government to resolve the Tibetan situation."

Spying -- On being watched

April 2, 2009

The Ottawa Citizen (Canada)
April 1, 2009

The threats to privacy that get the most
attention are the ones we know about, from
cellphone cameras to the selling of personal data
to telemarketers. But the invisible threats are more frightening.

Malicious computer code is now a tool of
espionage. It threatens not only the privacy, but
also the civil rights of people all over the
world, including in Canada. When a government can
intercept your e-mails and use that information
to intimidate you or the people you're
communicating with, cyber-espionage becomes the
first step in a human-rights violation.

Governments have always engaged in espionage, and
they always will. When our side is doing it, we
call it intelligence-gathering; when someone else
is doing it, we call it spying. Governments are
within their rights to use covert means of
finding security threats, within certain limits.
But citizens do have rights against unwarranted
or illegal intrusions, whether in hotel rooms, in
their phone conversations, or in cyberspace. And
when governments or hackers use information
obtained through cyber-espionage to harass, steal
or intimidate, citizens have every right to use
the courts and technology to protect themselves.

The office of the Dalai Lama recently asked
researchers at the University of Toronto's Munk
Centre for International Studies, and Ottawa's
SecDev Group. to investigate its computers. Sure
enough, the office's computers in India, and
those of other global Tibetan organizations, were
compromised by malicious software that originated
in China. One bit of malware was being used to
steal a document about the Dalai Lama's
negotiating position with the People's Republic of China.

But that was just the beginning. The researchers
found a network of cyber-espionage they call
GhostNet: "a network of over 1,295 infected hosts
in 103 countries." About 30 per cent of the
infected computers were "high-value" targets such
as ministries of foreign affairs, news media,
embassies, non-governmental organizations -- even
the North Atlantic Treaty Organization.

Once a computer is compromised, usually through a
seemingly innocuous e-mail, the possibilities are
frightening. "Our investigation reveals that
GhostNet is capable of taking full control of
infected computers, including searching and
downloading specific files, and covertly
operating attached devices, including microphones and web cameras."

While almost all of the GhostNet controlling
servers are in China, and some of the attacks
have served the interests of that state, the
researchers caution that there's no evidence
linking GhostNet to any government.

The researchers do say that the government of
China "is actively developing an operational
capacity in cyberspace, identifying it as the
domain in which it can achieve strategic parity,
if not superiority, over the military
establishments of the United States and its allies."

Whether or not it is happening now, the potential
exists for foreign governments to spy on Internet
users in Canada. Refugees from places like Iran
and Zimbabwe never fully rid themselves of the
feeling they should look over their shoulders.
The members of the Tibetan diaspora live with the
suspicion their activities are watched.

Cyber-espionage is relatively cheap and easy, and
there's a real potential for nefarious use of
these techniques by states against dissident
organizations and ex-patriates anywhere in the
world. They can even engage or encourage private
hackers to do it, thereby benefiting from plausible deniability.

Canada has always prided itself on being a haven
for the politically persecuted. It's fitting,
then, that Canadian researchers are leading the
technological effort to uncover these shadowy networks.
CTC National Office 1425 René-Lévesque Blvd West, 3rd Floor, Montréal, Québec, Canada, H3G 1T7
T: (514) 487-0665
Developed by plank