Feeds

China implicated in Dalai Lama hack plot

Virus attacks

  • alert
  • submit to reddit

SANS - Survey on application security programs

China has repeatedly attempted to crack into the Dalai Lama's computer network, according to its administrators.

Over the last month there have been repeated attempts to infect systems used by the exiled spiritual leader. This takes the form of a computer virus which attempts to send information back to China, Jigme Tsering, manager of the Tibetan Computer Resource Centre told AP.

The centre runs Internet services and administers the computer systems of the spiritual leader's government-in-exile, located in Dharmsala, India.

Tsering also alleges that Tibetan lobby groups were also targeted by the unnamed virus, which is designed to fool the unwary by posing as an email from the Dalai Lama's office. Chinese crackers also attempted to break into Tibetan systems in 1999 and 2001, Tsering also believes.

The latest virus-infected emails, capable of lifting confidential files from PCs used by the Centre, were traced back to six different addresses in China, used by government and educational institutions.

This evidence, such as it is, falls short of convincing proof and could be explained by innocent infection of Chinese machines by SirCam, or the like.

AV experts, however, suggest it is possible that China could have developed bespoke malware in an attempt to obtain confidential emails or documents from the Tibetans. Such cyber nasties would have a greater chance of evading detection than well known viruses.

Graham Cluley, senior technology consultant at Sophos AV, said it was more likely that the reports referred to a piece of malicious spyware or Trojan horse than a conventional virus.

Given the political strains between China and Tibet its not surprising that Tsering has drawn the worst possible inference about a darker purpose behind the virus infected emails.

The allegations come at a time of particular political sensitivity. A Tibetan government in exile was established by the Dalai Lama in 1959, following China's occupation of the mountainous country. AP reports that a delegation of exiled Tibetans is visiting Tibet this month for the first time since 1985.

China is yet to comment publicly on the allegations. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.