Hello,
I was going through the news report about China having 'hacked' our defence computers and allegedly stolen some information. They are even alleged to have stolen email records of 1 year of the Dalai Lama.
My query towards those who may have more information about the same is as follows.
1. Are the compromised machines running doze or Linux? If doze then they are asking for trouble.
2. Since emails are stored as a single database file, how does the attacker steal only one year's record? How does he remotely slice a database inbox file date-wise and copy it, unless he has had long-term access to the user_name and password and keeps copying and saving mails together in a clone offline email client like Thunderbird etc., or one by one using a web interface? Otherwise he has to compromise the actual email server that is hosting the email software and steal the entire inbox file, which is more difficult.
As per Outlook India, the following website has the study which is the basis for the news:
http://shadows-in-the-cloud.net/ it redirects to http://www.scribd.com/doc/29435784/SHADOWS-IN-THE-CLOUD-Investigating-Cyber-...
It says many computers were compromised, including: High Commission of India, UK; National Informatics Centre, India; New Delhi Railway Station (*railnet.gov.in), India; Times of India, India; and others.
Or did I interpret it wrong?
If you can find anything interesting, please share.
Revant