Tuesday, April 06, 2010

Chinese hackers steal secret Indian documents

Chidanand Rajghatta, TNN, Apr 6, 2010, 08.40pm IST

WASHINGTON: Chinese hackers have pilfered classified documents from the India’s security, defense, and diplomatic establishment, including assessments of the Maoist and Naxalite movements, the security situation in the country's North East, and New Delhi’s ties with Russia and the Middle East, U.S and Canadian researchers who tracked the cyber-espionage have said.

In a report titled ''Shadows in the Cloud'' issued on Monday, researchers based at the Munk School of Global Affairs at the University of Toronto said an India-focused spy operation seemingly based out of China’s Sichuan province hacked into computers across India and in Indian missions abroad, stealing sensitive data, including information on Indian missile systems gathered from independent analysts. They also obtained a year’s worth of Dalai Lama’s personal e-mail messages.

According to the researchers, the breaches involved Indian Embassy computers in Kabul, Moscow and Dubai, United Arab Emirates, and at the High Commission of India in Abuja, Nigeria. Also compromised were computers used by the Indian Military Engineer Services in Bengdubi, Calcutta, Bangalore and Jalandhar; the 21 Mountain Artillery Brigade in Assam and three air force bases; and computers at two Indian military colleges.

The report comes in the middle of External Affairs Minister S.M.Krishna’s four-day visit to China to mark 60 years of diplomatic ties between the two countries. In Beijing yesterday, Krishna said China and India should shun a competitive approach and sought China’s support for India’s bid for a UN Security Council seat in an effort to warm up ties the increasingly frosty ties between the Himalayan neighbors.

The latest attack appeared for more India-specific than the one the same research group identified last year as Ghostnet, which used computer servers based mostly on the island of Hainan to steal documents from corporations and governments in more than 103 countries, including India. Earlier this year, Google charged that it and dozens of other companies had been the victims of computer intrusions coming from China, leading to a spat with Beijing and Google’s exit from China.

The Munk School researchers, working with a U.S team from the Shadowserver Foundation and Indian experts who were not named for ''security reasons,'' said their investigation into Ghostnet led them to an eight-month long second counter cyber-espionage operation to track a ring they called Shadow Network. The new report shows that the India-focused spy ring made extensive use of Internet services like Twitter, Yahoo Mail, Blogspot, and Google Groups to automate the control of computers once they had been infected.

The report says the documents stolen included ''sensitive information taken from a member of the National Security Council Secretariat concerning secret assessments of India’s security situation in the states of Assam, Manipur, Nagaland and Tripura, as well as concerning the Naxalites and Maoists.'' Hackers also stole documents related to the travel of NATO forces in Afghanistan, the report said, suggesting that even though the Indian government was the primary target of the attacks, it could have compromised U.S and Nato operations.

The report at one point qualified the disclosures saying while the documents pilfered were identified as belonging to the Indian government, the researchers had no direct evidence they were stolen from Indian government computers; they may well have been compromised as a result of being copied onto personal computers.

According to the New York Times, which first reported the story, the researchers claimed they contacted intelligence officials in India and told them of the spy ring they had been tracking. They requested and were given instructions on how to dispose of the classified and restricted documents.

Given the sophistication of the intruders and the targets of the operation, the researchers said it is possible that the Chinese government approved of the spying. A Chinese official termed the suggestion ''ridiculous'' and told NYT that Beijing ''considers hacking a cancer to the whole society.''

No comments: