My Personal Cyber-Spy
posted by Jocelyn Ford on Sunday, March 29. 2009
If you're at all concerned about privacy in this day and age, take a look at this report "The snooping dragon: social-malware surveillance of the Tibetan movement."
While malware attacks are not new, the abstract says there are two reasons to pay attention to the new tactics.
"First, it was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed. Second, the modus operandi combined social phishing with high-grade malware... As social-malware attacks spread, they are bound to target people such as accounts-payable and payroll staff who use computers to make payments. Prevention will be hard."
Also check out or this article in the New York Times.
It outlines how computers based in China have compromised nearly 1300 computers in 103 countries, including government offices.
Over the past year I've been sending samples of suspected viruses to one of the researchers who helped investigate the snooping, Greg Walton. He said some of the attachments contained wicked viruses, and he suspects my communications are of interest to the Chinese government.
This is nothing new for foreign correspondents in China. We assume our phone calls may be monitored, as well as our computers. We are occasionally followed by flesh-and-blood umans.
What is new is the personalized e-touch.
I appear to have my own cyber-spy. Let me give you a recent example.
Not to long ago I received an email from someone who declared in the subject line he was a friend of a journalist friend of mine.
It read. "Hello. I am a Journalist in ghana. I get a fccc agenda,can you help me,check it.I am afraid is a worm."
The sender was referring to the Foreign Correspondents' Club of China. I head the FCCC's media freedoms committee.
I advised the sender not to open the agenda.
Then he went through an elaborate game of trying to lure me to open what appeared to be a word document. He wrote:
"I just open it. not virus :)
ok. because file is "txt". txt very safe. :)
He copied part of an agenda which I had authored, so I knew that part was authentic. Then, he followed up with this message.
"Sorry.I send an error.Not send you.Sorry.
Don't open that file.Please Delete mail.
It's private. Secret"
After that, he gave the name of another journalist I know.
Meanwhile, I asked the first friend he named, and she said she didn't know any African journalists.
Actually, I would be delighted if such snooping were a fast-track to people in the Chinese government who the FCCC would like to alert about our many concerns about media freedoms.
I doubt that's the case. But for the record, the FCCC's agenda is to push for the free flow of information. We have nothing to hide.
While malware attacks are not new, the abstract says there are two reasons to pay attention to the new tactics.
"First, it was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed. Second, the modus operandi combined social phishing with high-grade malware... As social-malware attacks spread, they are bound to target people such as accounts-payable and payroll staff who use computers to make payments. Prevention will be hard."
Also check out or this article in the New York Times.
It outlines how computers based in China have compromised nearly 1300 computers in 103 countries, including government offices.
Over the past year I've been sending samples of suspected viruses to one of the researchers who helped investigate the snooping, Greg Walton. He said some of the attachments contained wicked viruses, and he suspects my communications are of interest to the Chinese government.
This is nothing new for foreign correspondents in China. We assume our phone calls may be monitored, as well as our computers. We are occasionally followed by flesh-and-blood umans.
What is new is the personalized e-touch.
I appear to have my own cyber-spy. Let me give you a recent example.
Not to long ago I received an email from someone who declared in the subject line he was a friend of a journalist friend of mine.
It read. "Hello. I am a Journalist in ghana. I get a fccc agenda,can you help me,check it.I am afraid is a worm."
The sender was referring to the Foreign Correspondents' Club of China. I head the FCCC's media freedoms committee.
I advised the sender not to open the agenda.
Then he went through an elaborate game of trying to lure me to open what appeared to be a word document. He wrote:
"I just open it. not virus :)
ok. because file is "txt". txt very safe. :)
He copied part of an agenda which I had authored, so I knew that part was authentic. Then, he followed up with this message.
"Sorry.I send an error.Not send you.Sorry.
Don't open that file.Please Delete mail.
It's private. Secret"
After that, he gave the name of another journalist I know.
Meanwhile, I asked the first friend he named, and she said she didn't know any African journalists.
Actually, I would be delighted if such snooping were a fast-track to people in the Chinese government who the FCCC would like to alert about our many concerns about media freedoms.
I doubt that's the case. But for the record, the FCCC's agenda is to push for the free flow of information. We have nothing to hide.
Share it:
SciFri on Facebook
SciFri on Twitter
SciFri in Second LifePopular Blog Posts
- Congressional Order of Merit - For A Price -- I almost won the Congressional Order of Merit, called by some winners of the award as the "most coveted civilian honor...
102 comments - Why is Diesel So Expensive? -- As someone who drives a diesel powered car - and getting 40 mpg - I'm continually comparing diesel oil prices with gasoline prices...
99 comments - Comments on Green Cars... -- Our SciFri show on green cars has led to comments that have no blog spot here, so I'll move them to this blog so that they can find a home...
72 comments - Bad Light Bulbs -- Thank goodness! I thought I was going nuts...
66 comments - Susbcription vs. Advertising -- With the stock market tanking and foundation underwriting on the decline, Science Friday is faced with a choice for the future of our web site: to increase our funding revenue from more advertising or to ask that our visitors pay a nominal subscription rate...
53 comments
SciFri Blog Authors
Do you ever say 'Gee, I wonder what Ira's thinking?' Well look no further. Read Ira's Blog 
Annette Heist, Senior Producer of Science Friday, chronicles her efforts to cut her home energy bills. Share your tips! Read Blog 
Carl Flatow talks food, the environment, and sustainability in this blog. Read Blog
Neil Wagner's "What on Earth?" comic strip uses humor to discuss global warming.
Read It!
Jocelyn Ford blogs from China. Read Blog
Your Stuff
Got some science you want to share? We're looking for your science-related audio, video, link suggestions, and story tips. - Read more -Search the Site
Elsewhere Online
Blog of the Nation from the staff of NPR's 'Talk of the Nation.'
While this is interesting, an equally interesting topic would have been to add details about what you're doing to protect yourself, assuming that even if you're doing it, disclosing defense mechanisms doesn't provide spies with an advantage.
(Reply)
Hi,
There are various manuals with details about how to improve internet security. Check the booklet by Reporters Without Borders
http://www.rsf.org/article.php3?id_article=15014. I figure I will not outsmart technical whizzes who are interested in foreign journalists, so I use low-tech techniques. On the very rare occasion I feel my communication may put someone else at risk, I avoid using communication devises I assume may be monitored, and try to meet in person. The problem is there are many closed circuit cameras and listening devices in Beijing, even on buses and in taxis, not to mention human monitors who may carry long-range recording devices. So it's quite possible if the interviewee is of great interest to the Chinese government our in-person communications could be surreptitiously monitored. I've been advised by a western government security officer that the old drop method remains the safest form of communication-- a single written copy physically transferred. I don't think I'm giving away anything that's not already in a spy novel.
(Reply)
Chinese even sell the most popular software dirt cheap to infect our computers. There are many cases at DigitalPoint forums this year.
Speaking about government sites sercurity, you can find a lot of hacked gov sites in Google while looking for popular keywords like ringtones or expensive retail brands.
Just my 2 cents.
(Reply)
Very scary. I agree with Dan. It would be great to see how you actually combat these intrusions.
(Reply)
This is Awesome!
How To Get Slim
(Reply)
Thanx for sharing this is interesting information.
(Reply)
Intrusions are scary but in todays unpredicatable world they are unavoidable. Be it in public places or in your homes there is a certian level of intrusion is necessary to protect the belongings and our loved ones.
(Reply)
Very frightening and one can only think George Orwell was right!
(Reply)
Thanx for sharing..it shows how suscpetible lives are to these gadgets in our day to day life
(Reply)
Thanx for sharing i love all these new gadgets
(Reply)
A very interesting but quite chilling read. I am on the internet for hours and hours every day. It's bad enough having to worry about virus attacks, but hearing that our private information can easily be stolen and used against us is even worse. But worst of all, though, is hearing that there is very little that can be done to prevent it. Very disturbing.
(Reply)
For every step forward we take,we take 3 back.We think we are making progress,but on the other hand we are becoming more and more vulnerable every day.
(Reply)
That is some scary stuff, man. Very interesting though.
(Reply)
This is nothing new person who intended to spread virus will do everything just to lure the victim, For example a type of document or message that really interesting to open like the previous I LOVE YOU virus.
(Reply)
The one thread that is common in all of this and is never actually talked about is the fact that Microsoft WINDOWS is the problem.
Get yourself a better OS and these threats are lessened.
(Reply)
True, but even us Linux users still aren't safe if we don't stay on our toes! If you are pro-active about your security, even Windoze users can be safe.
(Reply)