A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including the foreign ministries of Bangladesh. Now the question should be if Bangladesh government is prepared to prevent this? The answer would be no.
Intelligence analysts say many governments, including those of China, Russia and the United States, and other parties use sophisticated computer programs to covertly gather information. Once the hackers infiltrated the systems, they gained control using malware — software they install on the compromised computers — and sent and received data from them, the researchers said.
GhostNet is an electronic spying operation based mainly in the People’s Republic of China which has infiltrated at least 1,295 computers in 103 countries, including many belonging to banks, foreign embassies, foreign ministries and other government offices, and the Dalai Lama’s Tibetan exile centers in India, Brussels, London, and New York City.
GhostNet was discovered by researchers at the University of Toronto’s Munk Centre for International Studies in collaboration with the University of Cambridge’s Computer Laboratory after a 10-month investigation, and its workings were reported by The New York Times on March 29, 2009. Investigators focused initially on allegations of Chinese cyber-espionage against the Tibetan exile community where email correspondence and other data were stolen, but this led to a much wider network of compromised machines.
The system disseminates malware to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected. Once infected, a computer can be controlled or inspected by its hackers.
Compromised systems were discovered in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan. The foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan were also targeted. No evidence was found that U.S. or U.K. government offices were infiltrated, although a NATO computer was monitored for half a day and the computers of the Indian embassy in Washington, D.C. were infiltrated.
The researchers could not conclude that the Chinese government is responsible for the spy network, and noted alternative possibilities such as an operation run by private citizens in China for profit or for patriotic reasons, or intelligence agencies from another country. The Chinese government has denied any involvement, stating that China "strictly forbids any cyber crime". However, an independent report from researchers at Cambridge University says they believe that the Chinese government is indeed behind the attacks.
They say prevention against such attacks will be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures.