The New York Times broke a story on Sunday that has since stirred up some local interest (and some national interest as well): Toronto researchers Greg Walton and Nart Villeneuve of the U of T Munk Centre for International Studies’ Citizen Lab were, along with Ottawa-based consultancy SecDev, instrumental in ferreting out some very shady spy activity happening on at least 1,295 computers around the world, approximately 30% of which were owned and operated by so-called “high-value” targets, including journalists, embassies—even the Dalai Lama. A lot of the data necessary for the investigation was gathered abroad, but the brunt of the analysis happened right here, in Toronto, under the aegis of U of T.
Full details of the investigation are now available in a fifty-seven page document posted on the website of Information Warfare Monitor, a self-described “independent research effort” bent on investigating online information use and security, with which Citizen Lab is affiliated. In a press conference yesterday at the Munk Centre, Walton and Villeneuve, along with Citizen Lab director Ron Diebert and SecDev principal Rafal Rohozinski, gave what amounted to an executive summary of that long document. (Torontoist, strangely, was not invited to the conference, so we made do with the webcast, which is screencapped below.)
“For technical people, it’s called spear-fishing,” said Villeneuve, referring to the infiltration technique used by the spies. Spear-fishing consists of a crafty combination of social engineering and Trojan horse infection. Someone constructs a plausible email and sends it directly to a target user, with a word document or .pdf attachment. The attachment opens as expected when the user clicks on it, but at the same time it surreptitiously runs a small piece of code which opens a “back-door” in the victim computer, enabling the electronic assailant (please enjoy our many different ways of avoiding the politically charged epithet “hacker”) to download additional malicious code onto its hard drive at any time they choose. The attacker can then steal files, log keystrokes, and even use whatever webcams and microphones happen to be connected to the infected machine. Whoever was behind these attacks (circumstantial evidence points to the Chinese government, but Citizen Lab and SecDev refuse to make accusations) must have repeated these steps dozens, if not hundreds of times. “We’ve entered the age of do-it-yourself signals intelligence,” said Diebert.
The Toronto press have by and large responded to the “home-town hero” aspect of the story. The Globe and Mail ran a picture of Villeneuve, Diebert, and Walton on their front page yesterday morning, under the headline: “Meet the Canadians who busted GhostNet.” This is indicative of what seems to be a general sense that this counter-intelligence success belongs, first and foremost, to Canada. At the press conference, Rohozinski, of SecDev, echoed this sentiment: “We are a country of cyberspace,” he said. “We are spread across one of the largest territories in the world. What keeps us together is telecommunications.” Rohozinski sees his and Villeneuve and Walton’s achievement as evidence that Canada is poised to take a leadership role in the formulation of a body of rules of engagement for the Internet, along the lines of those that already exist for “airspace, sea lanes, [and] road travel.” He even went so far as to call for “an international legal regime governing cyberspace.”
“It doesn’t need to be onerous,” said Rohozinski, “it needs to be something which is agreed upon.”
Could it be that Toronto is on the leading edge of a new breed of technologically infused civil society? Is that a rhetorical question? No, it isn’t. This is something we’re truly curious about. This city is, after all, the place that gave the world the BlackBerry, which was for many people a potent first taste of ubiquitous computing applications to come (and keep on coming). It makes sense that a city where going outside is physically painful for six months a year and where everything is a little bit of a hike from everything else would have an unusually keen interest in high-speed communications. Maybe all the bodies in Toronto’s coffee shops, hunched over their tables with faces full of laptop glow, are the future’s model citizens.