Google's January investigation into Chinese hacking of over twenty companies and the emails of dozens of human rights activists has highlighted an increasingly potent form of espionage:
"Cyber espionage is the great equalizer. Countries no longer have to spend billions to build globe-spanning satellites to pursue high-level intelligence gathering, when they can do so via the web..."
That is from a joint report released today by the Information Warfare Monitor and Shadowserver Foundation called "Shadows in the Cloud". It details how China-based hackers stole secret documents from the Indian Defense Ministry, the Dalai Lama's offices and the U.N over the past year. Although the report acknowledges no Chinese government link to what they dub the "Shadow Network," the information harvested is unlikely to be of much benefit to individuals. It includes secret assessments of India's security in regions bordering Tibet, Bangladesh and Myanmar; missile systems; information on the domestic Maoist insurgency; and embassy assessments of Indian relations with West Africa, Russia, former Soviet republics and the Middle East.
Reuters neatly summarizes the report's conclusions into how the attackers operated:
"The cyber-spies used popular online services, including Twitter, Google's Google Groups and Yahoo mail, to access infected computers, ultimately directing them to communicate with command and control servers in China"
Although the Chinese government has denied any involvement and made clear that it views hacking as an international crime, it will be interesting to see if it investigates such hacker networks operating from its territory. There is surely enough evidence to do so. On the other hand, it is no secret that the U.S. also hosts a large number of the world' cybercriminals; a recent report from Symantec's Message Labs showed that while the bulk of the world's targetted email attacks (28 percent) originate in China, 14 percent originate in the U.S.
In fact, since the Google-China debacle exploded, grievances in the American media have seemed to focus on freedom of speech and freedom from censorship rather than on issues of espionage. The Indian press also seems somewhat unconcerned -- the report has gotten little attention there and the Chinese government has brushed it off as media hype. It just seems that all parties are resigned to the fact, at least tacitly, that this is the way things work nowadays.