It probably doesn’t take a genius to work out who would have the greatest motive for spying on Chinese supporters of the Dalai Lama.
The Tibetan Government in Exile is no stranger to being on the receiving end of hacking and malware attacks, having been battered by a series of attacks assumed to have originated in China over the years.
In the latest incident, researchers at Kaspersky Lab have warned internet users to stay away from the Chinese-language version of the Central Tibetan Administration’s website, after discovering that it exploits a Java vulnerability to drop spyware onto visiting computers.
This is what is known in computer security circles as a “watering hole attack”.
Hackers breach a website known to be visited by a particular group of targets, rather than directly launch an attack against the targets themselves. Eventually someone visits the “watering hole” and their computer ends up poisoned and compromised.
Once again, it’s important to stress how important it is to keep web servers, and the software running on them, up-to-date with security patches to lessen the chances of hackers being capable of embedding malicious code.
The hackers may not actually be that interested in stealing information from your website and its servers, but may be much keener to spy upon and exploit the computers which visit it.
Read more about this particular attack in this blog post by Kaspersky Lab researcher Kurt Baumgartner.