Comments
Share this article
Print
Email
Waking up to a cold, gloomy and wet morning in March in a hotel room in Cambridge, Mass, earlier this year, I saw this startling headline in the local newspaper:“Spy System Loots Computers in 103 Countries.”Underneath, the story ran the opening paragraph: “A vast cyber spy network controlled from China has infiltrated government and private computers in 103 countries, including those of the Indian embassy in Washington and the Tibetan spiritual leader Dalai Lama.”
That was the story that came to mind on seeing DNA’s New Delhi-datelined story “Chinese break into army network near N-E border” (Josy Joseph, Dec 4, 2009). The DNA story reveals that Chinese intelligence agencies could have impregnated Army computers with malware, including Trojan viruses, which gave access to privileged information.
The New York Times story had reported on March 28 an electronic spy ring called GhostNet based in China, which scoured computers for data and e-mails and turned on web cams in remote locations. Researchers at the University of Toronto, Canada had discovered the Internet spy ring — researchers, one presumes, who had no special interest in spying or investigative journalism. The Times report indicated, without implicating the Chinese government directly, that the spy system was controlled from China.
The Toronto researchers were following up on work already done by two other independent researchers at Cambridge, UK — Ross Anderson and Shishir Nagaraja, who had apparently discovered the Trojans cleaning up computers at Dharamsala. The Cambridge document, available on the Internet, is quite straightforward in accusing the Chinese: “The Snooping Dragon: Social-Malware Surveillance of the Tibetan Movement.”
What was disturbing in the Times story was that among the affected computers — 1,295 computers in 103 countries, to be precise — were those belonging to embassies, foreign ministries and other government offices of countries. What was even more disturbing was that there was hardly any ripple in the Indian newspapers or TV channels in the wake of this report.
The point of interest here is how journalism has been radically affected by the Internet age. The old beat system of reporting, where a defence correspondent was expected to do espionage stories or a science correspondent would break news on cancer research, does not hold anymore. It could really be a cub reporter or stringer sitting in front of a computer at home who finds the Big One. The question of intelligence here is of context and relevance.
Anderson and Nagaraja believed that GhostNet was focussed on the governments of South Asian and Southeast Asian countries. Now here is the context: Where is the largest Tibetan settlement in India? The answer is Bylakuppe, 4 km from Kushalnagar in Coorg, Karnataka, home to 40,000 refugees hostile to the Chinese establishment.
In April 2005, when the Chinese premier Wen Jiabao came on a two-day visit to Bangalore, he was shocked by Tenzing Tsundue, the general secretary of the organisation Friends of Tibet, who appeared on top of the Indian Institute of Science building, planted the Free Tibet banner and shouted, “Azaadi hona chahiye,” as the international media watched the embarrassed Chinese delegation.
Was that an external affairs story? Or a crime story? Speaking of GhostNet, whose story is it now, anyway? In a delicious twist in the tale, the Chinese delegation was here partly to develop cooperation in the areas of science and IT. So, it must surely belong to the IT correspondent?
We could even pose questions beyond journalism: How much of this problem must be owned by the Centre and how much by the state? Will the Union home ministry share information with Karnataka and its police on these sensitive issues? Without being alerted and alive to the relevance of the information, what will the local policemen make of the unwitting intelligence?
While we can resolve the question of beats at our leisure, it surely does not take too much debate to come to the conclusion that GhostNet would like to watch the moves and places of people who handle security in our city and state. Anderson and Nagaraja report:
“The malware is remarkable both for its sweep — in computer jargon, it has not been merely ‘phishing for random consumers’ information, but ‘whaling’ for particular important targets.” It can turn on webcams and audio-recording functions of the infected computer, “enabling monitors to see and hear what goes on in a room.”
“What Chinese spooks did in 2008, Russian crooks will do in 2010 and even low-budget criminals from less developed countries will follow in due course,” say Nagaraja and Anderson. Something for all of us to worry about and the IT capital of India to do something about.