What should we make of this Chinese cyber-spy story?

Yesterday's story in the New York Times about "GhostNet," the Chinese-based computer spying network that has apparently penetrated some 1,295 computers in more than 100 countries around the world, obviously raises this big question: Was the Chinese government behind it, or not? Three of the four servers that hosted GhostNet were apparently inside China (the fourth was in California), and many of the targets were involved one way or another in Free-Tibet activities or other causes opposed by the Chinese government. Wouldn't it have to have been the ChiComs?

Maybe, maybe not. I've now read (thanks to a stop-by at free WiFi site masquerading as a McDonald's) the 53-page report from the University of Toronto team that used clever reverse-engineering tools to penetrate "GhostNet" and monitor it from within. The report, in the Scribd format that deserves discussion itself some other time, is available here.

The U Toronto researchers are, in my view, properly agnostic about who is ultimately responsible for this malware operation. On the one hand, they point out that "China is actively developing an operational capacity in cyberspace.... Chinese cyber warfare doctrine is well developed, and significant resources have been invested by the People's Liberation Army and security services in developing defensive and offensive capabilities." But on the other hand,

"Attributing all Chinese malware to deliberate or targeted intelligence gathering operations by the Chinese state is wrong and misleading... The most significant actors in cyberspace are not states.... In China, the authorities most likely perceive individual attackers [ie, teenagers in internet cafes] as convenient instruments of national power."

For anyone technically inclined, the report is full of fascinating crime-procedural type details about the way the investigation unfolded and what the GhostNet system revealed once the moles from Toronto had made their way inside. 

My guess is that the "convenient instruments" hypothesis will eventually prove to be true (versus the "centrally controlled plot" scenario), if the "truth" of the case is ever fully determined. For reasons the Toronto report lays out, the episode looks more like the effort of groups of clever young hackers than a concentrated project of the People Liberation Army cyberwar division. But no one knows for certain, and further information about the case is definitely worth following. As are this new report on "The Snooping Dragon" by computer scientists at the Cambridge University in England and the University of Illinois, and this very good Wired blog item.   One more thing to worry about be interested in.

Presented by

James Fallows is a national correspondent for The Atlantic and has written for the magazine since the late 1970s. He has reported extensively from outside the United States and once worked as President Carter's chief speechwriter. His latest book is China Airborne. More

James Fallows is based in Washington as a national correspondent for The Atlantic. He has worked for the magazine for nearly 30 years and in that time has also lived in Seattle, Berkeley, Austin, Tokyo, Kuala Lumpur, Shanghai, and Beijing. He was raised in Redlands, California, received his undergraduate degree in American history and literature from Harvard, and received a graduate degree in economics from Oxford as a Rhodes scholar. In addition to working for The Atlantic, he has spent two years as chief White House speechwriter for Jimmy Carter, two years as the editor of US News & World Report, and six months as a program designer at Microsoft. He is an instrument-rated private pilot. He is also now the chair in U.S. media at the U.S. Studies Centre at the University of Sydney, in Australia.

Fallows has been a finalist for the National Magazine Award five times and has won once; he has also won the American Book Award for nonfiction and a N.Y. Emmy award for the documentary series Doing Business in China. He was the founding chairman of the New America Foundation. His recent books Blind Into Baghdad (2006) and Postcards From Tomorrow Square (2009) are based on his writings for The Atlantic. His latest book is China Airborne. He is married to Deborah Fallows, author of the recent book Dreaming in Chinese. They have two married sons.

Fallows welcomes and frequently quotes from reader mail sent via the "Email" button below. Unless you specify otherwise, we consider any incoming mail available for possible quotation -- but not with the sender's real name unless you explicitly state that it may be used. If you are wondering why Fallows does not use a "Comments" field below his posts, please see previous explanations here and here.

Why Principals Matter

Nadia Lopez didn't think anybody cared about her middle school. Then Humans of New York told her story to the Internet—and everything changed.


A History of Contraception

In the 16th century, men used linen condoms laced shut with ribbons.


'A Music That Has No End'

In Spain, a flamenco guitarist hustles to make a modest living.


What Fifty Shades Left Out

A straightforward guide to BDSM

More in Technology

From This Author

Just In