http://www.bbc.co.uk/blogs/technology/2008/03/tibet_the_cyber_wars.html By Rory Cellan-Jones dot.life BBC News 24 March 08 We know that YouTube has been blocked in China, as the authorities seek to control what they see as biased Western coverage of events in Tibet, but there is a wider battle being fought in cyberspace. Tibet protest groups have been in touch to say they are under attack, with emails arriving containing attachments that are designed to infect or take over their computers. These attacks have been going on for months, but appear to have grown in intensity in recent days. Alison Reynolds of the International Tibet Support Network told me, "There are surges of activity which coincide with our busiest campaign periods and obviously now we are seeing a lot of attacks." She says most members of the movement know not to open attachments - but some do still get through. Maarten van Horenbeeck, a security researcher, works with the Tibet groups to monitor these attacks, and says he is currently seeing three times as many as he saw last month. He says the attackers appear to be interested in emails and word documents stored on the machines they infect. He describes an attack on one NGO which involved a search for the keys to the system used to encrypt its emails. Sometimes the original emails from the attackers appear to contain press releases from other Tibet campaigners - but when they are opened they install a trojan, enabling the machine to be controlled remotely. The security company F-Secure has blogged on the techniques being used by whoever is responsible and shows how well they craft their attacks. But is this the work of the Chinese authorities? "Impossible to say," according to Martin van Horenbeeck. "Yes, the vast majority of attacks connect back to servers on CHINANet, a major Chinese network. However, CHINANet, due to its sheer size hosts many vulnerable machines, so these are most likely all compromised themselves. In addition, there have been several samples that connect back to the USA, Taiwan or South Korea." He makes the point that China has thousands of hackers - many of whom may be hostile to Tibetan groups - so there is plenty of scope for mischief. And here is what's interesting, and perhaps unique about China. It is a country which has allowed the web to flourish, while imposing pretty strict limits on the dissemination of information which it regards as subversive. So a generation of hackers which in other countries would be anti-establishment and would use the web to attack their own government, may be happy to lend the Chinese government a hand in any cyber-war. Forty years after the cultural revolution saw the Red Guards take to the streets with their little red books, is a new generation using the web to similar ends? A friend who's a British reporter based in China - doing a great job amidst growing hostility to the Western media - says he winces when he hears overseas journalists like me trot out "the new cultural revolution" cliche. But isn't it rather apt here? ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Tue Mar 25 2008 - 22:08:52 PST