We all know Ghost net is a phrase used for abandoned fish nets left in the sea by the fisherman. But today we are going to tell you about a different type of ghost net. What if this Ghostnet exists in our virtual life via the most basic mean of today’s life, the Internet?
What is GhostNet ?
According to wikipedia “Ghostnet is the name given by researchers at the Information Warfare Monitor to a large-scale cyber spying operation.” In simple words it means spying on a huge scale.
When was Ghostnet discovered?
GhostNet was discovered and named following a 10-month investigation by the Infowar Monitor (IWM), on March 2009 carried out after IWM researchers approached the Dalai Lama's representative in Geneva suspecting that their computer network had been infiltrated.
The IWM is composed of researchers from The SecDev Group and Canadian consultancy and the Citizen Lab, Munk Centre for International Studies at the University of Toronto;
Compromised systems were discovered in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan and the office of the Prime Minister of Laos. The foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan were also targeted. Since its discovery, GhostNet has attacked other government networks, for example Canadian official financial departments in early 2011, forcing them off-line. Governments commonly do not admit such attacks, which must be verified by official but anonymous sources.
How does it work?
Emails are sent to target organizations that contain contextually relevant information. These emails contain malicious attachments, that when opened, drop a Trojan horse on to the system. This Trojan connects back to a control server, usually located in China, to receive commands. The infected computer will then execute the command specified by the control server. Occasionally, the command specified by the control server will cause the infected computer to download and install a Trojan known as Gh0st Rat that allows attackers to gain complete, real-time control of computers running Microsoft Windows .
What is a Trojan horse?
A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.
What damage does it do?
Through the trojan virus GhostNet can do these:
- Deleting data
- Blocking data
- Modifying data
- Copying data
- Disrupting the performance of computers or computer networks
- But the most important and highlighting danger is through the malware the sender can get access into web camera or audio speakers and see what the user is doing.
Another example of ghostnet is tracking down the data used by the user and sending those data on the cost of the user himself/herself to the malware party.
Who is behind this?
Though no one still doesn’t know who is actually behind this operation, it is assumed;Chinese government ran this operation for collecting confidential and sensitive data.
Chinese organizations ran these operations for their own various purposes and surveys.
Comments (1)