Just as in January, computer hackers based in China are being accused of cyber espionage and the Chinese government is denying involvement and calling the charges groundless.
In January, the targets were Google, dozens of other companies, and the e-mail accounts of human rights activists. Following revelations about the incident, Google said it would stop censoring search results in China, a decision that led the company recently to redirect queries from mainland China to Google servers in Hong Kong.
This time, the targets are the Indian Ministry of Defense, the United Nations, and the Office of the Dalai Lama, among other organizations.
There's a noteworthy difference in the two attacks, however: The security experts who revealed the attacks managed to track the perpetrators over eight months.
As a consequence, the researchers were able to obtain copies of various sensitive and classified documents from the hackers. These documents included files taken from governments, businesses, academic institutions and other entities.
Some of the stolen data consisted of visa applications provided to Indian embassies, for example. Other data recovered included some 1,500 letters sent from the Dalai Lama's office between January 2009 and November 2009.
The researchers said they handled the sensitive files responsibly and notified affected organizations.
The report on the attack, published by Information Warfare Monitor — made up of Citizen Lab, part of the Munk School of Global Affairs at the University of Toronto, and the SecDev Group — and the Shadowserver Foundation, is called Shadows in the Cloud: An investigation into Cyber Espionage 2.0.
The authors of the report contributed to a similar investigation last year called GhostNet that found circumstantial evidence pointing to attackers located in China.
via Data Stolen From India, UN, Dalai Lama Traced To China — InformationWeek.
