Blog: Researchers Trace Data Theft to Intruders in China

Researchers Trace Data Theft to Intruders in China
New York Times (04/05/10) Markoff, John; Barboza, David; Bajaj, Vikas

Over the past eight months a team of U.S. and Canadian researchers have spied on a gang of intruders that stole sensitive information from the Indian Defense Ministry and traced them to China. A report from the researchers indicates that the ring extensively employed Internet services such as Twitter, Yahoo! Mail, and Google Groups to automate the control of computers once they had been commandeered. The investigators gained access to the control servers used by the gang to monitor the theft of a broad spectrum of material, and traced the attacks to intruders that appeared to be based in Chengdu. Among the stolen material were documents related to the travel of NATO forces in Afghanistan, which demonstrated that many nations can be put at risk of exposure by a single computer security hole. "An important question to be entertained is whether the [People's Republic of China (PRC)] will take action to shut the Shadow Network down," the report says. "Doing so will help to address long-standing concerns that malware ecosystems are actively cultivated, or at the very least tolerated, by governments like the PRC who stand to benefit from their exploits though the black and gray markets for information and data."

View Full Article