Commentary

Let’s Build Up The Firewalls

Computers dominate our lives. On Sunday, The New York Times reported that a huge electronic spying operation from Chinese servers named GhostNet has infiltrated computers and stolen documents from hundreds of government and private offices around the world. Canadian researchers discovered the spy-net system. Their report on the finding is entitled “Tracking ‘GhostNet’: Investigating a Cyber Espionage Network.” The malicious software was focused around the Dalai Lama and on the governments of South Asian and Southeast Asian countries. Even so, GhostNet invaded at least 1,295 computers in over 103 countries, including machines in embassies and one desktop belonging to NATO. Aside from stealing documents and controlling mail servers, the system has an even more frightening ability: it can turn on the camera and speakers of an infected computer, enabling someone to covertly see and hear what goes on in a room. Andover students are presently mixed in a global obsession: the internet. We rely on our computers for 24 hour connectivity. Every student at this school is familiar with the internet, and the vast majority of our student body has a laptop where we store our work, music, pictures and other personal and business media. What if someone suddenly had access to that data? What if someone, anywhere in the world, was using your computer to eavesdrop on your conversations? This type of infiltration is especially horrifying because it is not limited to governments. Though government usage alone is uncomfortable to say the least, the technology of the recent malware will be available to anyone. A separate study done on GhostNet by a pair of Cambridge University computer researchers said that “what Chinese spooks did in 2008, Russian crooks will do in 2010 and even low-budget criminals from less developed countries will follow in due course.” Let’s hope that our firewalls rise to the challenge. All of us need to recognize that our computers are extremely vulnerable. When I read the school-wide email telling us to reregister our computers, I was annoyed at the inconvenience. But malware and spyware aren’t a negligible danger, the German embassy staff can tell you. The success of GhostNet serves as a wake-up call for governments and individuals alike. In order to prevent a computer from being infected with any sort of malware, one could be pro-active and download legitimate security software. The computer would then be better protected, but the commercial defensive software available now can only do so much. Security professionals and policy makers need to find new ways to deal with the rising generation of spynets and their immensely disruptive capabilities. We must be wary in this increasingly dangerous cyber world. Being the victim of a cyber attack is no longer just the business of the Pentagon. Malicious software is a real threat that ought to receive our attention. Charlie Cockburn is a two-year Lower from Washington, D.C. ccockburn@andover.edu