A series of memos leaked earlier this month implicated the Indian government in possible espionage against the U.S.-China Economic and Security Review Commission (USCC). Reuters reports that new information stemming from a U.S. investigation suggests Chinese hackers may actually be the culprits.
Earlier this month, a band of hackers calling themselves the Lords of Dharmaraja claimed to have infiltrated India's military network. The group followed up by leaking internal intelligence memos purportedly from India's government. The documents suggested India may have been spying on the USCC by utilizing supposed backdoors found in smartphones from RIM, Nokia, Apple and others. Although the existence of such backdoors remains speculation, the irony is difficult to ignore.
India's government fervently denied the authenticity of the memos while Apple denied the inclusion of a backdoor in any of its mobile products. RIM and Nokia declined to comment.
The United States launched a subsequent investigation to determine more. After examining the huge cache of raw data collected from the attack, anonymous U.S. officials claim to have determined the primary target was not the USCC but rather the National Foreign Trade Council (NFTC). The targeted organization is based in the U.S. and aims to promote free trade, but is not a governmental body.
William Reinsch, the head of the NTFC, seemed to be a particular interest to hackers. Reinsch is also a former U.S. Commerce Department official who happened to serve as chairman of the USCC. This fact adds some distant truth to earlier claims that the USCC was hacked, but the claim is ultimately false according to reports.
The Lords of Dharmaraja claimed to have pilfered piles of documents, files, emails and proprietary source code from over a "dozen companies". One such company embroiled in this claim is Symantec. After the memos were leaked, hackers threatened to release the source code for Norton Anti-virus but decided to belay the action, stating "We've decided not to release code to the public until we get full of it =) 1st we'll own evrthn we can by 0din' the sym code & pour mayhem".
Symantec has given mixed statements regarding the incident, but the company most recently told Reuters that the sample of released code appears to be from a security breach of Symantec's own servers in 2006. This suggests that the Lords of Dharmaraja may have never actually stolen the source code the Indian intrusion and such threats to publish it may simply be a farce.