IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

GhostNet: Did the Chinese government hack the world?

The Chinese state has been accused of spying on networks around the world, but it could also be cybercriminals – which could turn out to be a very big problem for businesses.

It's the sort of world-wide super-villain master plan that wouldn't look out of place in a spy movie

Canadian researchers have discovered a massive worldwide cyber-spying network, where at least 1,295 computers from high-value targets like foreign ministries and embassies were infected over two years.

A team from the Munk Centre for International Studies dubbed the operation GhostNet', and concluded that computers based almost exclusively in China were responsible but stopped short of accusing the Chinese government.

Chinese state hacking?

So what evidence is there that the Chinese authorities could have been responsible for this invasion into highly privileged information around the world?

The report does agree that Chinese cyber-espionage is a major global concern, with even the Chinese authorities making it clear that they considered cyberspace a strategic domain and that it redressed the military imbalance with the rest of the world.

It's also important to note that the investigation started with a Tibetan request to the Information Welfare Monitor to look at cyber-espionage against the Tibetan community.

The Tibetans have accused the Chinese of engaging in cyber war against them for several years, as part of wider strategy to crack down on dissident groups and subversive activity.

No smoking gun'

However, the Canadian researchers said it would be wrong and misleading to claim that all of the Chinese malware was from the government.

After all, the Chinese have the world's largest internet population, and cybercrime kits are letting users pull off their own attacks.

As Sophos security analyst Graham Cluley says in his blog, there is no "smoking gun". He points out that just because Chinese computers were used in the operation, it did not mean that the authorities were involved.

He said that if you were to investigate the IP address of spam that was sent into your mailbox, a good proportion of it would be from a PC based in China but it wouldn't be in Chinese.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The Total Economic Impact™ of Mimecast
Whitepaper

The Total Economic Impact™ of Mimecast

25 Apr 2022
The Total Economic Impact™ of Mimecast
Whitepaper

The Total Economic Impact™ of Mimecast

25 Apr 2022

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Costa Rica declares state of emergency following Conti ransomware attack
ransomware

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022