Ron Deibert, Director of the Citizen Lab at U of T's Munk Centre, is part of a team that has uncovered one of the largest online spy rings found to date. The report, released on Tuesday, is a collaboration between the Information Warfare Monitor, comprised of the Citizen Lab and Ottawa-based security consultancy SecDev Group, and the US-based Shadowserver Foundation.
The report, Shadows in the Cloud: An Investigation Into Cyber Espionage 2.0, reveals a spy network that targeted the Office of the Dalai Lama, India's military files, as well as diplomatic intelligence from 16 embassies around the world. The report explains that cyber attackers take advantage of vulnerable cracks in social networking sites, cloud computing, and free web hosting sites, but its authors remain unsure as to the attacker's motives.
While the interest in politically-sensitive targets as well as the network's core server locations pin the spies in China, the report's authors are reluctant to conclusively link the spies to the Chinese government.
Deibert explains that finding a direct link is improbable; he likens the suspected relationship between China and the spy network to the kind of privateering that set pirates on the High Seas to accomplish work for non-arms-length governments. China could benefit from the hacking activity, whether or not they direct the spies' operations.
It's not expected that China will shut down the Shadow network. For Deibert, “it means that they either condone such activities, or they are directly responsible for them in some way, or they don't actually have the capacity to shut it down.”
If China engages and shares information with the Information Warfare Monitor, that would go a long way to prove they want to eliminate the China-based spy activity.
The report advocates developing a global policy around cyberspace.
“Right now, we have cyberspace being rapidly degraded by censorship and surveillance and militarization.” The Citizen Lab - which works at the junction of human rights, digital media and global security – fights this through their research.
“I have some values around the internet that I hold dearly, and one of them is that it should remain an open, public commons for the free expression and access to information for citizens of all the world. And that's not going to happen if it's torn up by militarization and espionage of the type that we're uncovering.”