Shadow Network Revealed - Taking Cybercrime to a WNL

Canada sure is on a roll. The Vancouver Olympics were great, we got Gold in hockey, the loonie is now at par with the greenback, and now this. We all know how the Web can be used for evil just as well as for good, but as they say on MAD TV, this takes it WNL - to a whole, nutha, level.

Today we have news about Shadow Network, the latest big reveal about just how far cybercrime is going, with a lot of insidious links to China. There are a number of threads here, so just bear with me. Shadow Network is the name for an extensive series of sleuth-like discoveries made by the University of Toronto along with Ottawa-based security experts SecDev, and U.S.-based Shadowserver Foundation. The findings are summarized in a report that was just released today. It's titled "Shadows in the Cloud", and you can download it here (after a quick registration on Scribd - if you don't have that already).

If this is news, and you have concerns about cybercrime and online privacy - and you damned well should - you'll definitely want to explore this. Quickly...

First - the above link is to the front page story in today's Globe & Mail.

Second - from this link, you can read a profile of the guys behind these discoveries - particularly Canadians Nart Villeneuve, Greg Walton and Prof. Ron Deibert. This stuff reads right out of a spy novel, and I don't think Ian Fleming could have done a better job.

Third - this story builds on an equally jarring discovery this group made almost exactly a year ago. This was called GhostNet, and I've written about it a few times, especially here.

When you look at what's happening with Shadow Network and GhostNet, it's pretty hard to feel safe on the Web, especially if you have reasons to be critical of some things that go on in China. I'm not trying to single out one country in particular - we know bad stuff happens everywhere - but it's particularly interesting given Google's recent pullback from China. I wrote about this recently, especially about what this milieu could mean for service providers of all stripes.

You can proclaim all day long that Google left on principle and did not wish to continue catering to China's censorship demands. That's all true, but I suspect the reasoning is just as much related - if not more - to the security hacks Google experienced in China. That's not just bad for business, but breaches like this can fatally undermine their intellectual property - and in the Internet world, that's the foundation of the business. Needless to say, they weren't about to let that continue - would you?

Finally, all of this hits closer to home in a very timely way. As we speak, the blogerati and twitterati are furiously talking up today's Net Neutrality news. As you no doubt know by now, the FCC has lost its case against Comcast, and the cablecos - and other facilities-based operators - are free to manage their networks as they see fit. Needless to say, this has negative implications for competitors who bring traffic over their pipes, and it won't be long now before "traffic shaping" becomes another four-letter word.

This may seem a bit of a stretch, but Net Neutrality and Shadow Network are really not that far apart. In theory, nobody owns the Internet, but clearly powerful and/or devious players can make this a very uneven playing field. This is a far cry from the Arpanet vision, and the dark side of human nature seems to be getting the upper hand right now. Let's hope it doesn't stay that way, and that the good guys behind Shadow Network keep up the good work. Go Canada!

Project GhostNet - Canada (and Google) Saves the World From Cyber-Spying - Again!

Wow, what a story. While most people I know are at either VoiceCon or CTIA this week, this one is worth staying home for. Also, I'm sure all the Skype followers are focused today on the news about working with the iPhone - and that IS a big story. However - for very different reasons - I'm sure you'll find this one of interest too.

This was a front page story in today's Globe and Mail, and no doubt many other Canadian dailies. I don't particularly follow cyber-crime, but this story is pretty incredible, and for the VoIP crowd there's an important Skype tangent. This will make a great thriller movie some day (maybe I should write it!) with all kinds of angles that normally don't have much to do with one another - China/Tibet, cyber-spying, Toronto, Canada, Google and Skype. Are you intrigued? Read on, please.

In short, a team of academics/tech researchers based at the University of Toronto's Munk Centre for International Studies discovered a Dr. Evil-like cyber-spying network with global implications. The threat is largely around how data that is sensitive to Tibet's security is being poached and monitored from PCs all over the world, and how many of the links point to servers located in China. I'll stop there - am sure you can imagine for yourself just how charged these issues and allegations are. Phew!

I'll leave the politics aside, but as the reports describe, it's a story that took on a life of its own with one small discovery leading to many others, and finally to the news that went public today. I'm no hacker, but can appreciate how complex these things are, and how you have to think like a hacker to reveal the Rosetta Stone that gets you on the trail to the source.

Incredibly, the breakthrough that cracked the code was not an ingenious repeat of what went into Colossus (the famous Bletchley Park-developed computer that solved the code of Nazi messages - arguably saving Britain from defeat in WWII) - but a simple Google search!!! Amazing, Mr. Smart, as Harry Hoo would have said to Agent 86 in his slow, incredulous manner.

If that doesn't get you going, I don't know what else will. There's a lot to this story, and I'll steer you straight to the article from today's paper. I love citing the online edition of stories because you also get the reader comments. At last count there were well over 500 comments, so if cyber-spying is your thing, you could be reading for a while.

This story should be of huge interest to anyone working in PC/Internet security, as it highlights just how vulnerable we can be. As smart as we think we are, the bad guys are often smarter, but in the end - and here's the scary part - nobody is smarter than Google! What does it say about cyberspace when an operation this sophisticated can ultimately be exposed by searching on Google? Sure makes you wonder what else about our personal/private lives is just a few clicks away from those who don't have the best of intentions.

So many implications to consider here, but I want to just touch on a couple here - and perhaps this will lead to some interesting dialog about other things...

First, waving the flag, it's great to say that this discovery/expose came from Canada, primarily Toronto, and some from Ottawa. The article provides quite a bit of detail about them, but the key players are Nart Villeneuve, Greg Walton and Ron Deibert from the lab at U of T, and the Ottawa-based SecDev Group.

Second - here's where the Skype connection comes in. This isn't the first time China has been associated with compromised data security. Last fall, just after the Beijing Olympics, there was an unsettling discovery about how Skype traffic was being monitored in China. Ugh. I posted about it, and the story was widely covered in the media and blogosphere.

So why am I dragging Skype back into this messy place again? Well - the same team at U of T that just exposed this cyber-spy operation also discovered what was happening to Skype in China. I know what you're thinking - if they're smart enough to do GhostNet, when you've got a cyber-spy problem, who ya gonna call?