ForumCyber snooping rattles exiled TibetansBy Indrajit Basu
![]() |
| A view of Dharamsala, India, where the His Holiness the Dalai Lama’s Tibetan government-in-exile has its headquarters. The peaceful town is under cyber attack from a sophisticated China-based online spying network, which has penetrated political, diplomatic and military computers in more than 100 countries. (Photo/Liz Highleyman) |
Kolkata,
India — Perched on mountain slopes against the dramatic backdrop of the
Himalayas, Dharamsala in Himachal Pradesh, India, hardly looks like a
town sensitive enough to be the target of a vast electronic spying
operation.Yet this small settlement of mostly Buddhist monks –
famous the world over as the headquarters of the Dalai Lama and his
exiled Tibetan government – is currently rattling global computer
security experts, who have discovered it is at the center of a serious
outbreak of information warfare.Cyber experts based at the Munk
Center for International Studies at the University of Toronto, Canada,
have recently discovered that over the past two years Dharamsala has
been the focal point of a brazen computer spying network called
GhostNet, which has penetrated the computer systems of the private
offices of the Dalai Lama and other Tibetan targets.That is not
all. GhostNet is the biggest cyber-spying network discovered yet,
having infiltrated some 1,295 computers in 103 countries over the past
22 months. Of these, said the experts, close to 30 percent can be
considered high-value diplomatic, political, economic and military
targets in the United States, Germany, India, Pakistan, Indonesia and
the Philippines. Organizations such as the Asian Development Bank and
NATO have not been spared.Although the Munk Center experts
refrained from naming the Chinese government as the perpetrator of
these attacks, they said their discoveries were the result of an
investigation into alleged Chinese cyber spying against Tibetan
institutions. A 10-month-long study of the computer systems of the
Tibetan government-in-exile led them to GhostNet computers, most of
which were located in China. “We have been frequent targets of
undesired elements invading our computer systems, and the audacity of
the attacks has unnerved us,” said Thubten Samphel, the official
spokesperson of the Tibetan government-in-exile in Dharamsala.He
added that despite being somewhat stymied by the security system of the
targeted network, GhostNet had been successful in stealing sensitive
and secret information from the private offices of the Dalai Lama and
other Tibetan targets.“The attacks were alarming for two
reasons,” said Samphel. “The networks that implanted malicious (called
“malware”) and spying software (called “spyware”) not only stole
sensitive information from the attacked systems, but these harmful
implants also tried to stop the supporters and sympathizers from
reaching out to the exiled Tibetan government and the diaspora.”The
Dalai Lama’s office too was careful not to point fingers directly at
the Chinese government. “All we are saying is that our computers were
compromised and that we were victims of cyber snooping from
unauthorized sources,” said Tenzin Taklha, the Dalai Lama’s
spokesperson. “We are deeply concerned by the compromise of our
computer systems because we have a lot of sensitive information on the
system and we take as much precaution as possible to keep it
confidential.”Whether or not the Chinese government is behind
these attacks, it is not hard to explain why the Chinese should be
interested in snooping on the exiled Tibetans. Ever since Tibet was
seized militarily by China in 1951, and the country’s ruler, the 14th
Dalai Lama, dramatically fled to Dharamsala in 1959, the relationship
between the Chinese Communist Party and the Dalai Lama has been
acrimonious. Beijing condemns the Dalai Lama for wanting to
“split” Tibet from China, and accuses him of plotting uprisings against
China from his “illegal” government-in-exile in Dharamsala. The Dalai
Lama, on the other hand, has insisted that Tibetans should be allowed
autonomous control over their own political and religious affairs in
Tibet.Chinese authorities have made it clear that they consider
cyberspace a strategic domain in which to redress the military
imbalance between China and the rest of the world, particularly the
United States. Consequently, say experts, China has developed a
sophisticated cyber warfare doctrine that includes both defensive and
offensive capabilities.Additionally, the exiled Tibetans and
the experts at the Munk Center found ample anecdotal evidence to
suggest that the cyber snooping is the handiwork of Chinese authorities.One
example, said Samphel, was a warning that a foreign diplomat received
from the Chinese government after being invited by the Dalai Lama to
meet with the Tibetan spiritual leader. Samphel claimed that the
Chinese obtained details of the invitation by infiltrating their system.In
another incident, a Tibetan member of non-governmental social welfare
organization Drewla, run by exiled Tibetans, was arrested when she
tried to return to Tibet. Investigations revealed that Chinese
intelligence officials were able to gather information about her plans
from her Internet communications.“It looks to us that the
Tibetan movement is thoroughly penetrated and compromised,” said Greg
Walton, one of the researchers at the Munk Center and co-author of
“Tracking GhostNet: Investigating a Cyber Espionage Network,” the
report in which these startling revelations were made.“We have
already tracked the intrusions back to the control servers in China,
and we are continuing with our search to go beyond that,” he said.
Whatever evidence is produced, the problem remains that the exiled
Tibetans are largely helpless in handling such attacks.“More
than a hundred governments and embassies around the world are the
target of this kind of snooping. This makes the problem not
specifically a Tibetan problem. It is a problem for all those who use
the Internet,” said Samphel.“But we Tibetans don’t have the
talent, skills or resources to come up with an effective countermeasure
to resist this kind of snooping.” Samphel hopes that the wherewithal to
resist future attacks might be forthcoming from the United States or
India.Meanwhile the Munk Center experts are lending a helping
hand. “The exiled Tibetan government has asked us to make
recommendations with regard to handling and thwarting cyber attacks and
we have already suggested some steps,” said Walton.These
include accepting United Nation’s assistance, through its International
Multilateral Partnership Against Cyber Threats, to report and monitor
attacks on Tibetan computer networks, and most importantly, acquiring
the capability to thwart such attacks.“Tibetans must develop
indigenous expertise in this field,” said Walton. GhostNet is “a
wake-up call,” the Munk investigators said, to the havoc that computer
spying networks can create on global information systems.“The
large percentage of high-value targets compromised by this network
demonstrates the relative ease with which a technically unsophisticated
approach can quickly be harnessed to create a very effective spinet,”
said the report. “These are major disruptive capabilities that the
professional information security community, as well as policymakers,
needs to come to terms with rapidly.”–The above article is reproduced from the UPI Asia.com on 21 April 2009





