Indonesia Includes Target Cyber Eye-eye

Indonesia Includes Target Cyber Eye-eye

JAKARTA, KOMPAS.com - Investigation cyber espionage that took place over 10 months revealed that in 1295 the computer 103 countries and is owned by international institutions has been the eyes-matai. Evidence refers to China as the perpetrators.

In the report setebal be 53 pages that day was Sunday, in Indonesia, including a list of 103 countries that the eyes-matai. Ministry of Foreign Affairs in Indonesia reports covered approximately 30 percent of computers infected with the targeted "high-value."

Besides Indonesia, the foreign ministry at the Bangladesh, Barbados, Bhutan, Brunei, Iran, Latvia and the Philippines. Who is also infected computers owned by the embassy of the country Cyprus, Germany, India, Indonesia, Malta, Pakistan, Portugal, Romania, South Korea, Taiwan, and Thailand.

Meanwhile, the international groups who are infected with the Secretariat of ASEAN (Association of South East Asian Nations), SAARC (South Asian Association for Regional Cooperation) and the Asian Development Bank; several news organizations such as the UK affiliate of the Associated Press; and NATO unclassified computer.

In the report explained that a network, called GhostNet, using a software program called wicked gh0st RAT (Remote Access Tool) to steal sensitive documents, and fully control the webcam control computers that are infected.

"GhostNet represents a network of infected computers that have locations in the political, economic, media and high-value brebagai in the country in the world," the report written by analysts of the Information Warfare Monitor, a research project of SecDev Group, think tank, and the Munk Center for International Studies at the University of Toronto.

Although the evidence indicates that the servers in China to gather some sensitive data, the analyst be careful to associate the action with the government spying China. "Blame China for all malware deliberately collect intelligence data by country and China is misleading," said the report.

The research analyst itself begins when they get access from computers belonging to the exiled Tibetan government, non-Government of Tibet, and the private offices of the Dalai Lama, who is concerned about confidential information bocornya. They then find computers already infected by malicious software that allows a remote hacker to steal information. After the infected computer users to open attachments or click on a malicious link that is connected to the web sites are dangerous.

Website or an attachment evil and will try to exploit software weaknesses to take over control a machine. An example of bad e-mail sent to organizations affiliated with the return address with the Tibetan campaign@freetibet.org with MS Word attachments are infected.

When the analysts examine the network, they find a server-server, which collects data that are not secured. And they access the control panel that allows you to monitor computers in a four-hack in the server.

Control panel is in fact reveal a list of the infected computer, in addition to government and NGO Tibet. Three of the four server checker that is in China, and one in the U.S.. Five of the six command server is in China, and one in Hong Kong.