Tag Archives: GhostNet

When Internet Security NEWS isn’t!

Across the globe this morning, the news has been released that a “vast electronic spying operation dubbed GhostNet”, has been discovered by researchers at the University of Toronto.

Major newspapers, worldwide, have reported on this story as a sampling of news headlines illustrates.

“U of T team tracks China-based cyber spies” – Toronto Star

“Cyber spies hack into government computers across the globe” – Jakarta Post

“Canadian researchers uncover Chinese spy plot against Dalai Lama” – Irish Sun

“Massive Chinese computer espionage network uncovered” – The Guardian

So, what’s wrong with this news story? Well, how about this – This is NOT news!

Simply because this story is not news of course, doesn’t mean that it can’t be MADE news. Just add the following quote from Ronald Deibert, a member of the research group and an associate professor of political science who said: “This could well be the CIA or the Russians. It’s a murky realm that we’re lifting the lid on.”


Huh? You, are lifting the lid on this. Let me quote ABC’s John Stossel here “Give me a break”. Where have you been Mr. Deibert? This “news” report is only marginally informative, contains no new Internet security information of any value, and is on the face of it – misleading.

To quote the article “The malware is remarkable both for its sweep – in computer jargon, it has not been merely “phishing” for random consumers’ information, but “whaling” for particular important targets – and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-recording functions of an infected computer enabling monitors to see and hear what goes on in a room”.

Here’s a clue for these researchers – every day, typically average Internet users’ are exposed to vastly more sophisticated malware and penetration attempts, just by surfing the Web. A level of malware sophistication that makes the scenario described in the article, look like amateur day at the Burlesque.

Some examples used in the article to drive home the point that this occurrence is somehow a particularly dangerous and new threat:

Whaling for particular important targets?

This is the standard and typical behavior of a “banker” Trojan, which sit in the background of an infected machine until such time as the victim signs on to a banking site. The Trojan then intercepts the privileged data and transmits that data to cybercrooks.

Activating a video camera and audio pickup?

This is a no brainer for malware writers. In fact mobile spyware has the potential to turn on your phone’s camera or voice recorder, turning your own phone into a spying device. Now that’s a story worth writing about; one that has direct impact on vast numbers of individuals.

Here’s the sad reality – savvy computer users are better equipped to harden their computers against penetration than most government agencies/departments. If you think not, then checkout the ample evidence on the Internet that supports this view.

As ABC Television’s 20/20 likes to say “We’re in touch – so you be in touch”. Good advice for most news organizations when it comes to reporting on technology issues. Thus far, most newspapers are essentially illiterate when reporting on even the most minor computer security issues.


Filed under Interconnectivity, Internet Safety, Malware Advisories, Personal Perspective, Spyware - Adware Protection, trojans, Viruses, worms