Log In | Sign Up | Help
Upload_transparent

Tracking GhostNet: Investigating a Cyber Espionage Network

This report documents the GhostNet - a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised giving attackers access to potentially sensitive information, including documents from the private office of the Dalai Lama. The report presents evidence showing that numerous computer systems were compromised in ways that circumstantially point to China as the culprit. But the report is careful not to draw conclusions about the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. The report argues that attribution can be obscured.

The report concludes that who is in control of GhostNet is less important than the opportunity for generating strategic intelligence that it represents. The report underscores the growing capabilities of computer network exploitation, the ease by which cyberspace can be used as a vector for new do-it-yourself form of signals intelligence. It ends with warning to policy makers that information security requires serious attention.

  • Send This
  • Add_to_favs_transparent
  • Unlike This
  • Embed
  • Download
  • Flag
  • Add to Favorites

Scribd requires Javascript. Please enable Javascript in your browser.

Related Categories

Related Tags

Your document does not seem to be indexed by any search engines yet. Be patient, they'll come!

Latest Searches Leading to this Doc

Document Information

132,382 Views | 11,651 Downloads | 68 Likes | 12 Comments | 73 Favorites

Added By
Description

This report documents the GhostNet - a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised giving attackers access to potentially sensitive information, including documents from the private office of the Dalai Lama. The report presents evidence showing that numerous computer systems were compromised in ways that circumstantially point to China as the culprit. But the report is careful not to draw conclusions about the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. The report argues that attribution can be obscured.

The report concludes that who is in control of GhostNet is less important than the opportunity for generating strategic intelligence that it represents. The report underscores the growing capabilities of computer network exploitation, the ease by which cyberspace can be used as a vector for new do-it-yourself form of signals intelligence. It ends with warning to policy makers that information security requires serious attention.

Pdf_16x16 53 Pages

Date Added

3 days ago
Category
Tags
Groups

IT Security and hacking Group_add

Awards

Award_star_gold_2 Featured

Copyright

Attribution No Derivatives

More info »

 

Comments

Login or Signup to Leave a Comment

dsphunxion about 2 hours ago

There's an analysis of this work called "GhostNet in the Shell 2009". Offers reasoning about the approach and science in this study as well as the political motivations behind it.

http://infiltrated.net/ghostnet101.html

roxyroller about 13 hours ago

I just want to let u know u guys did a GREAT job on this work. U should be very proud of ur accomplishment especailly im sure working as a team on important work for everyone and trying to keep us all safe from information stealing and its corrupted useage. this article help me feel a tiny bit safe when the powers that be dont really care or change. THANK YOU

openid_UE4aQdQh about 19 hours ago

Scribd sucks. iPaper sucks. Flash sucks. Why can't you just put this on a web page like everyone else so it can be properly indexed and people can reference it and use it?

plusoneinformative about 21 hours ago

FYI, Border's comments 3 below this translate as
"Legend of the Ghost Nets"

Bondagent 1 day ago

You guys should post these incidents to your national CERT authority. (Also) a few days ago i found an inexplicable chinese-language web address (?) in the keyline cache of the browser. When I clicked on it nothing appeared... uh oh?

narodnikkki 1 day ago

oooh this is good

border 1 day ago

传说中的幽灵网。。。

zer0tails 2 days ago

network recon is the new frontier

agenta d 2 days ago

is flikrin agen.

agenta d 2 days ago

i enjoyd this art icle. totally wierd i dont know whether you did anything or not as i am a computer illiterati but just after i sent you that msg the leech computer hasnt kept tself connected 2 me! that wil prob last til it sees you do x or not. well the up arrow is expand and contracting the picture instead. im ovrwelmd help. gnite.

agenta d 2 days ago

Also my screen flickers and it is now accessing me for split seconds to capture pages i think?

agenta d 2 days ago

There was an oops accross my screen due to a pesky espionaging computer called linksys nearby that disconnects me from my wireless and hooks into my computer and does wierd things like javascript=0 makes pages jiggle and move around and not obey command given just annoying. it used to sneak onto me 2-5 minutes after i go online and everytime i switch back it unhooks me from mine and leeches oto my computer and hotmail made the settings not compatile for a few days but its doing it again. Can you or someone you the warfare monitor or someone good help me? PLEASE post somthing or find me thanks