4/28/2009
Written by
University and industry researchers revealed on Monday the results of a 10-month investigation into a malicious network of surveillance software, dubbed GhostNet, that they linked to China. The investigation was led by Information Trust Institute researcher Shishir Nagaraja, and was conducted in part by using software designed at Palantir Technologies, a company founded by UI alumnus Nathan Gettings.
The surveillance network, which targeted systems used by the offices of the Dalai Lama and Tibetan independence organizations, had infected 1,295 computers in 103 countries, almost a third of which were considered high-value targets including systems at various embassies, the Asian Development Bank and the Association of Southeast Asian Nations (ASEAN). The investigation, carried out by two teams of researchers, led back to command and control servers housed in China. The conclusions were published in a research note penned by two academic researchers at the University of Cambridge and a longer analysis published by CitizenLab, a group affiliated with the University of Toronto (corrected).
Shishir Nagaraja, a research fellow at the University of Illinois at Urbana-Champaign was one of the authors of the University of Cambridge report.
Palantir Technologies, co-founded by UI alumnus Nathan Gettings, is working to radically change how groups analyze information. The company's two products, Palantir Government and Palantir Finance, are platforms for integrating, visualizing, and analyzing the worlds information. The products support many kinds of data including structured, unstructured, relational, temporal, and geospatial; and are built for real analysis with a focus on security, scalability, ease of use, and collaboration.