Wednesday, April 01, 2009

The Curious Case of the Snooping Dragon

Dr. Shishir Nagaraja and Professor Ross Anderson of the Security Group at Cambridge University's Computer Laboratory document a new type of electronic surveillance attack that they call social malware. The attack involves a combination of social phishing and malware (Trojans, to be precise) The target was the the Office of His Holiness the Dalai Lama (OHHDL) in Dharamsala, Northern India. Researchers from Canada followed up by hacking into one of the attackers' servers, something the Cambridge team could not do due to the UK's Computer Misuse Act of 1990. In this report, hot off the virtual press (29 March 2009), the Canadian researchers identify and expose the large-scale cyber espionage network behind the attack. They assign it the name GhostNet.

Notes:
  1. This case illustrates, once again, that information and network security is a game of cat and mouse. Or dragon and mouse in this instance.
  2. Professor Ross Anderson is the author of the technically excellent, yet highly readable text Security Engineering - A Guide to Building Dependable Distributed Systems (2nd edition, 2008).
  3. Coincidentally, the Dalai Lama has been in the news in this part of the world, where he was recently denied a visa to visit South Africa. This was as a result of "representations" made to the South African government by the Chinese government-allegedly. So perhaps not so coincidental after all.

No comments: