Computer spying network touched 103 countries

  • twinscythe12332
    Gold Member

    • Jan 2007
    • 769

    #1

    Computer spying network touched 103 countries.

    The operation probably started around 2004, the time security researchers noticed that many of these institutions were being sent bogus e-mail messages with executable files attached to them, according to Mikko Hypponen, director of antivirus research at F-Secure. Hypponen, who has been tracking the attacks for years, says that GhostNet's tactics have evolved considerably from those early days. "For the past three-and-a-half years or so it's been fairly advanced and fairly technical."

    "It's really good to see a spotlight on this whole thing right now, because it's been going on for so long and nobody's been paying attention," he added.

    that's a long time to know about something and only get real notice now

    The University of Toronto report classified close to 30 percent of the infected computers as being "high-value" targets. Those machines belong to the ministry of foreign affairs of Bangladesh, Barbados, Bhutan, Brunei, Indonesia, Iran, Latvia and the Philippines. Also infected were computers belonging to the embassies of Cyprus, Germany, India, Indonesia, Malta, Pakistan, Portugal, Romania, South Korea, Taiwan and Thailand.

    International groups infected included the ASEAN (Association of Southeast Asian Nations) secretariat, SAARC (South Asian Association for Regional Cooperation) and the Asian Development Bank; some news organizations such as the U.K. affiliate of the Associated Press; and an unclassified NATO computer.

    that's a scary amount of people. fortunately neither Nigeria nor South Africa are on that list. guess we can spot a screwy link miles away
  • Dave A
    Site Caretaker

    • May 2006
    • 22810

    #2
    I see the target seems to have been politically sensitive information. I wonder how much is being done against commercial fraud and spying operations.

    Is there an easy way to spot a remote access tool on your computer?
    Participation is voluntary.

    Alcocks Electrical Services | Alcocks Pest Control & Entomological Services | Alcocks Hygiene Services

    • insulin
      Suspended

      • Feb 2009
      • 379

      #3
      See, if you worry about spy programs, just use good firewalls; better yet, if you have the money, invest in Juniper or Packeteer. I have worked with both these products and they are so powerful it is really scary! Nothing goes in or out without your say-so, and everything gets recorded and stored, and you can also make your LAN, VPN and internet sessions unreadable for spying eyes. It encrypts everything on a packet level with no trouble at all. I can also email a telephone number for experts on both these systems, but just remember these systems are not cheap, but worth it, because it is really powerful hardware and code dedicated to security like nothing I have ever seen before; it is really potent stuff. Also Google the names and have a look for yourself.
      Last edited by insulin; 30-Mar-09, 10:12 PM. Reason: Spelling mistake or 2

      • garthu
        Gold Member

        • Dec 2008
        • 595

        #4
        It all begs the question regards conspiracy theory. I have a friend that is the ultimate conspiracy theorist. He really takes it seriously and says stuff that makes a lot of people laugh and look at him strange (like anti satellite spyware in his garden). Even myself on the odd occasion with a couple of the comments.. should we laugh, maybe not.
        Garth

        Electric fence Installation : www.midrand-electronics.co.za
        Free Classified Adds : www.bgone.co.za

        • insulin
          Suspended

          • Feb 2009
          • 379

          #5
          Information Monitoring System Also known as the IMS system. It existed since 2000 and will only be made public come 2012 when the UN introduces its new policy on world terror. The IMS is connected to all publicly owned satellites, hardwire and also the intercontinental back bone cables that connect the world with the world. IMS once active will be able to scan for illegal digital content no matter the inscription. It will scan everything from e-mail to web-pages and will do so in real time thus the information is up to date. With its advanced tracking systems the IMS will be able to pinpoint any computer no matter where it is in the world. It will be able to pinpoint it and track its location no matter if it uses 3G or if it’s tapped into telephone lines illegally. IMS is a reality and it is coming. It will be up and running coming 2012. All networks will be scanned all the time. Think this is a conspiracy? Think again... All the intelligence agencies are using a version of the IMS as we speak. Yes it is already in use... However our constitutional rights are still hindering its progress. Yet right now negotiations are in play. Once done you will see that all internet systems will by law be monitored come 2010 the systems will then be tested and come 2012 it will be in full effect. The internet will then be another big brother tool.

          • Dave A
            Site Caretaker

            • May 2006
            • 22810

            #6
            It's about time Google had some competition

            Do you think it will be able to track down the bastards responsible for all the anatomy enhancer spam?
            • twinscythe12332
              Gold Member

              • Jan 2007
              • 769

              #7
              the thing is, they're still getting in the usual ways. they mentioned a link in an email that had the return address of "campaign@freetibet.org." these attacks are directed at human error. you can have the best firewall in the world, if a user clicks "yes" it's going to be worth nothing.

              • insulin
                Suspended

                • Feb 2009
                • 379

                #8
                The systems that I have suggested can and actually do prevent anyone from clicking anything unless they have a password, and then the system will still contact the administrator automatically and ask if it is okay for the user to view the file or click yes. It is really that powerful. I am not joking; these systems are active and intelligent enough to make sure the user doesn’t do anything stupid.

                • twinscythe12332
                  Gold Member

                  • Jan 2007
                  • 769

                  #9
                  or do anything at all...

                  • Dave A
                    Site Caretaker

                    • May 2006
                    • 22810

                    #10
                    Originally posted by twinscythe12332
                    or do anything at all...
                    You read my mind. It all becomes so manually supervised you've got to have someone constantly on standby to authorise.

                    I can see some and going this route.
                    • twinscythe12332
                      Gold Member

                      • Jan 2007
                      • 769

                      #11
                      well, I guess it can be looked at this way:
                      if you're in a highly confidential section of government, you shouldn't be checking your personal emails in the first place.

                      • insulin
                        Suspended

                        • Feb 2009
                        • 379

                        #12
                        I remember designing a system for a large company in 2007. The system had an Intranet connected to a VPN that ran across 2 cities. It used 1mb line as backbone and we had to implement tunnelling systems and compression systems so that Data and e-mail had dedicated speeds given to them. We used domain controllers with the basic permission systems. We also implemented Active Directory and Raid with 5 redundant servers each one of them able to handle the network on their own. We also used what is considered a big No-No in the IT industry and that is dedicated IP addresses. Thus we knew of every computer and there were about 200 computers on the network. We also implemented Remote Desktop and other little goodies to make the system completely accessible for the administrators.

                        In the end the users had an E-mail service but were not able to send mail outside the intranet. I designed the system that only top management could send e-mail to the outside world. Also thanks to the systems I mentioned before all the mail was scanned and checked when it left the intranet and when it was received by the internet it was scanned and approved again. This type of system is a bit harsh but it shows you what can be done if the technology is understood correctly and used correctly.

                        We are now entering 2009 and the system is still working flawlessly. It never crashed once and virtually no down time. The only upgrade that was done was the backup system. The thing is we used the best like Gigabit LAN and encrypted-key-wireless LAN for the notebooks. It worked so well that the company saved money in the end.

                        • Frankincense
                          Silver Member

                          • Nov 2008
                          • 201

                          #13
                          OK Team....

                          I naturally had to take it "too far"...

                          Here's the 53 page Doc...


                          and the interpretation of one...

                          The recent news about GhostNet, the suspected cyber espionage activity of the Chinese government uncovered by The Information Warfare Monitor is news, to say the least. More than a thousand computers have been compromised with apparent ease, many in high-value secure government offices. Researchers revealed that the compromises were so sophisticated, that confidential documents were removed, video cameras and microphones turned on to observe events, and sophisticated key-loggers tracked everything that was typed. According to two of my sources well-placed in government and computer security, this is just the frightening tip of an enormous iceberg.

                          Many will recall reports on the FBI's concern about counterfeit network router hardware being installed in businesses and government agencies all across the nation. Many were concerned that the counterfeit routers contained code that allowed for a broad range of back-doors into secure computer systems, as well as covert kill-switches that would shut-down after receiving a remote signal. Indeed, several analysts found thousands of additional lines of machine code as compared to a non-counterfeit. Since the counterfeit hardware originated in China, the FBI was very concerned, so much so that they responded to the reports.


                          I've recently spoken to two well-placed computer security experts who firmly believe there is a frightening connection between GhostNet and the counterfeit routers. Their fear is that we are mere months away from a series of significant cyber attacks on key private sector businesses and portions of our infrastructure.

                          My first contact is a highly experienced computer security expert who often works directly with law enforcement and intelligence agencies. Asking for my assurances of complete confidence in his anonymity, he revealed that there is a great deal of concern, both among his IT counterparts and security experts within law enforcement, that GhostNet is a sophisticated reconnaissance system designed to locate the counterfeit routers. Many are speculating that the gHost RAT trojan (delivered via email and has been in broad use for months) may be triggered by recognizing key attributes of the counterfeit routers, and reports back the details of the exploitable network.

                          Experts are concerned that the number of infected systems discovered by The Information Warfare Monitor may very well be a tiny percentage of networks that are known to be exploitable, but not yet infected. GhostNet is cataloging potential networks and refining the cyber weapons for the next round of attacks. The activity seen thus far has been proof-of-concept tests of computer take-over software in preparation for larger-scale attacks -- a weapons test if you will.

                          My second contact is an IT manager at a large financial products company who tracked down and replaced a number of counterfeit routers in their network. As their internal security team examined all systems connected to the removed routers, he was alarmed at their findings. Nearly all of the Windows-based computer systems connected to the routers contained some form of malware. In comparison to other Windows computers on their network, only 10-20% on average had any type of malware. He cautioned that all of the systems on the counterfeit routers were new systems in public-facing installations (branch offices), and a higher-than normal infection rate was expected. However, the 100% infection-rate was unusual.

                          Both of these computer security professionals are increasingly concerned about the convergence of these two items that appear to point back to either the Chinese government, or Chinese state-sponsored cyber criminals. The report from Information Warfare Monitor stops short of specifically naming the Chinese government, or intelligence agencies within the government, as the culprit of these attacks. However, we do know that their intelligence agencies and law enforcement units have acted upon information obtained through GhostNet.

                          My contacts feel we (western nations) are mere months away from the second, more serious wave, of attacks designed to harm key corporations and interrupt vital infrastructure. The hope is that GhostNet is a tool of cyber criminals -- after all, if that is the case, we're safe, no criminal would cripple the networks that provide their bounty. What worries them most, however, is the combination of our complete lack of preparation (the U.S. DHS cyber security division is a joke), the stunning sophistication and multi-tiered nature of these attacks, and the disturbing potential connection to the Chinese government. To be clear, they feel a second wave of attacks are not likely to be a national disaster that cripples the nation, that may be reserved for the third wave.

                          The conspiracy theorist in me observes a number of causes for concern.

                          (1) - The mainstream press appears to be working hard to spike or avoid any connection of GhostNet back to the counterfeit router issue.

                          (2) - The media, especially US-based media, is typically over-playing the "hacker criminal" aspect of this story so as to avoid concern over state-sponsored cyber warfare -- they know we (western nations) are at a disadvantage.

                          (3) - The Chinese government has recently made a great deal of noise voicing concern over the US dollar and the need for a global currency. Causing harm to the US infrastructure through a well-placed cyber attack may significantly weaken the dollar and hasten their financial agenda.

                          (4) - After all that has happened after September, 2001, especially the increase in sophisticated Internet attacks as well as known state-sponsored cyber terrorism, why has the government let us down?


                          These developments indicate the Internet attacks may very well be on the horizon. And again, we are not only not ready, we're completely clueless.

                          Seems China is denying involvement and trying to alter the focus towards finding out who would blame China for this.....lmao!


                          "Oldschool, China would like to have a word with you..."


                          If any of you have Cisco routers....http://it.slashdot.org/it/06/10/24/1819200.shtml

                          If any of you think of claiming from insurance ....http://finance.yahoo.com/news/Great-...-14765152.html

                          There already are known backdoors to Windows operating systems. A hidden 'NSA key' used during cryptography built into Windows. Anything you encrypt they can decrypt. Programs loaded remotely... They wouldn't let you use US tech against themselves would they.



                          Oh well...
                          Last edited by Frankincense; 02-Apr-09, 07:51 PM.

                          • insulin
                            Suspended

                            • Feb 2009
                            • 379

                            #14
                            Look, do you want to make your computer completely safe? There is only one way of doing it. You are a clever person and you know I am right. Isolate your network. If you unplug, there is no physical access to your system unless someone developed spyware based on telepathy. Security can do only so much; I mean, if I want to cripple the internet, just attack the routers and it is done. There is no more internet. It is really that easy...
