NIC, which hosts all govt websites, was infected by mysterious GhostNet at least 12 times in past 2 yearsBy Shubhajit Roy
New Delhi: Computers of nine key Indian embassies, including offices in the US, UK and Germany, were infected by the mysterious GhostNet, a Chinese cyber espionage network that has been uncovered by a Canada-based research organisation.
More worryingly, the cyber investigation says that India’s premier National Informatics Centre (NIC), which governs and hosts all Government websites, was infected by the mysterious GhostNet at least 12 times in the past two years.
While cyber spying attempts are not new, what has surprised experts this time is the sophistication of the network.
The GhostNet can not only download data from infected computers but also use them as virtual spies by remotely activating their cameras and voice recording software.
The Canadian report is being studied by India but experts have drawn similarities with the ‘spyware’ infection that gripped over 600 computers of the Ministry of External Affairs earlier this year.
As reported by 'The Indian Express' on February 15, the Ministry of External Affairs discovered that its computers were being controlled remotely after being affected and preliminary investigations pointed to a Chinese link.
The latest report by the Munk Center for International Studies at the University of Toronto, that took the internet world by storm after it was released on Sunday, names computers at nine Indian embassies — UK, US, Germany, Serbia, Cyprus, Belgium, Italy Kuwait and Zimbabwe — that were infected by GhostNet.
In all, the network consists of 1,295 infected computers in 103 countries.
Significantly, all the computers are located in countries where China has a special interest.
The investigation has pointed to several hackers in China’s Hainan province where the Lingshui Signals Intelligence facility is located.
The Canadian team, which includes an Indian researcher Shishir Nagaraja, hit on the GhostNet while investigating cyber security loopholes in the Dalai Lama’s office in Dharamshala.
“Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras,” the report says.
The MEA says that this is not a one-off event and defensive measures are being put into place. Calling the attack as a “reality of the cyber world”, Foreign Secretary Shivshankar Menon said that there have been a series of attacks in the past and “defensive measures” are in place.
While all nine embassies have been infected by the GhostNet a few times over the past two years, the report says that computers at the NIC have logged 12 infections. This has raised concern as the NIC hosts and manages all government websites, including the Ministry of Defence and the MEA.
But NIC officials say that this is an ongoing game and systems are regularly updated to deal with such infections. Several measures, including disconnecting computers with sensitive information from the internet have been put into place.
“We are keeping a tight vigil. Cyber security is a dynamic game and it goes on. What it (the report) is trying to show is that the Chinese are doing an organised attempt. We are fully aware of it,” NIC Director General B K Gairola said.
0 commentaires:
Post a Comment