Monday, February 01, 2010


'Climate emails hacked by spies'

Interception bore hallmarks of foreign intelligence agency, says expert

By Steve Connor, Science Editor

Monday, 1 February 2010

A highly sophisticated hacking operation that led to the leaking of hundreds of emails from the Climatic Research Unit in East Anglia was probably carried out by a foreign intelligence agency, according to the Government's former chief scientist. Sir David King, who was Tony Blair's chief scientific adviser for seven years until 2007, said that the hacking and selective leaking of the unit's emails, going back 13 years, bore all the hallmarks of a co-ordinated intelligence operation – especially given their release just before the Copenhagen climate conference in December.

The emails were stolen from a backup computer server used by the University of East Anglia. They contained private discussions between climate scientists that have embarrassed those involved, particularly Professor Phil Jones, who has stepped down from his post as head of the unit pending an independent inquiry into whether there is any evidence of scientific misconduct. He is not implicated in the hacking.

In an interview with The Independent, Sir David suggested the email leaks were deliberately designed to destabilise Copenhagen and he dismissed the idea that it was a run-of-the-mill hacking. It was carried out by a team of skilled professionals, either on behalf of a foreign government or at the behest of anti-climate change lobbyists in the United States, he said.

"A very clever nerd can cause a great deal of disruption and obviously make intelligence services very nervous, but a sophisticated intelligence operation is capable of yielding the sort of results we've seen here," Sir David said.

"Quite simply, it's the sophistication of the operation. I know there's a possibility that they had a very good hacker working for these people, but it was an extraordinarily sophisticated operation. There are are several bodies of people who could do this sort of work. These are national intelligence agencies and it seems to me that it was the work of such a group of people," he said.

More than 1,000 emails, and some 2,000 documents, were stolen from a university back-up server where remote access is difficult. This represents a small fraction of the total number of emails for the period from 1996 to 2009, suggesting they had been selected for the most incriminating phrases relating to possible scientific misconduct and breaches of the Freedom of Information Act. The leak of the emails in the weeks running up to the climate change conference in Copenhagen appeared to be carefully timed to destabilise the meeting.

"I don't think that it's a coincidence that the stealing of the emails from the individuals involved in East Anglia was put out for publication one month before Copenhagen. That wasn't a coincidence," Sir David said. "The emails date back to 1996, so someone was collecting the data over many years. It looks like possibly the work of an intelligence service. What it was was a very well co-ordinated part of a campaign. It was a difficult piece of work to get that done.

"I've no inside knowledge except for the fact that I did work with our [intelligence] agencies, and the American agencies, that I have some experience," he added.

The existence of the stolen emails came to light on 17 November when someone tried to load them onto the RealClimate website run by climate scientists, including Gavin Schmidt of Nasa's Goddard Institute for Space Studies. Dr Schmidt said that the hackers were using a legitimate computer based in Turkey as a proxy server but the attack could have been launched from another computer anywhere in the world.

He attempted to disable the hacking operation as it was taking place, but was prevented several times before finally succeeding because the hackers had penetrated deep into the website's database software. This required considerable skill and knowledge which an opportunistic hacker would not have had, he said. "That requires some kind of monitoring-tool set-up and required them to have more access than you would get by simply logging into the blog," Dr Schmidt said.

Two days after the attempted RealClimate hack, the file of stolen emails appeared on a server used by a company called Tomcity operating from the Russian city of Tomsk in Siberia. However, again, the uploading could have been done by someone operating a proxy server anywhere else in the world.

Experts have suggested that loading the email file onto a Tomsk computer server may have been a clumsy attempt to lay a trail to the door of the Russian intelligence service, which has since denied any involvement in the hacking incident. Some commentators in Russia have said that China had more to gain from destabilising the Copenhagen conference than Russia.

Sir David said, however, that it was not possible to dismiss the possibility of Russia's involvement. "If it was a job done on behalf of a government, then I suppose there is the possibility that it could be the Russian intelligence agency," he said.

"If it was a maverick group then I suppose it could be the Americans, but I am hazarding a guess as much as anyone else. The only thing is, I've worked within government and I've seen this in operation," Sir David added. "It was a sophisticated and expensive operation. In terms of the expense, there is the American lobby system which is a very likely source of finance. Right now, the American lobbyists are a very likely source of finance for this, so the finger must point to them," he said.

Norfolk Constabulary is conducting an investigation into the hacking but said yesterday it would not comment on speculation that a foreign intelligence agency was involved. The University of East Anglia also said that it could not comment.

Cyber crime: The 21st century threat

*Espionage once conjured images of lonely spooks on foreign assignations during the height of the Cold War. Not any longer. The rise of capitalism, a free-market economy and an interconnected digital world have changed those terms of engagement.

Last week Hillary Clinton issued a warning to China and Russia to tighten up their internet security amid a growing threat of international cyber crime. "We cannot afford in today's interconnected world to have too many instances ... where companies' accounts can be hacked into," she said. It came after Google threatened to end its operations in China following what it described as a "sophisticated and targeted" cyberattack on Google, Adobe and 20 other US companies.

More recently MI5 has accused China of setting up so-called "honeytraps" with a view to obtaining sensitive commercial secrets from top UK companies. According to The Sunday Times, promotional gifts handed out at business trade shows included cameras and memory sticks have allegedly been found to contain bugs that provide the Chinese with remote access to users' computers.

Estonia, too, has been a victim of cyber crime. In 2007 it was subject to a three-week cyber attack that saw hackers permeate firewalls and infiltrate websites of banks and political institutions, in a move that threatened to wipe out the country's digital infrastructure. Nato has now established a cyber-defence centre in the region and the FBI has despatched a computer security expert.

Last year, Russian hackers were accused of a sophisticated cyber attack which temporarily shut down two social networking sites in order to silence a Georgian blogger critical of Moscow's policies. Kunal Dutta

Dr Rajendra Pachauri

*With his swept-back hair and wispy beard, Dr Rajendra Pachauri looks every inch the climate change visionary. And as chairman of the United Nation's Intergovernmental Panel on Climate Change who accepted a Nobel Peace Prize alongside Al Gore in 2007 he has become an international figurehead in the battle against global warming and one of the most powerful figures at the Copenhagen summit. But a spate of controversy over recent IPCC research papers and a resurgent mood among challengers to the theory of man-made climate change have led many to wonder who, exactly, he is.

According to the "brief" two-page CV on his personal website, Dr Pachauri, 68, juggles his UN role with his position as chief executive of The Energy and Resources Institute (TERI) which has strong historic ties (although not for the past decade) with the Tata Group, India's largest privately-owned corporation which also owns Jaguar, Land Rover and steelmaker Corus in the UK. His critics say the other high-profile positions he holds – more than 20 – with banks, universities and think tanks could pose potential conflicts of interest with his UN role. Among his many directorships was one from 1999-2003 with the Indian Oil Corporation. Dr Pachauri says he receives no money for these roles.

Yet he began his career as an engineer working with the Diesel Locomotive Works in Varanasi. Today, despite cooling relations with the Government, he is one of India's most famous figures, inhabiting the exclusive Golf Links area of Delhi where Lakshmi Mittal, Britain's richest man, owns a house and where, despite owning his own electric car, he was photographed this week being chauffeur-driven on the one-mile journey to his offices in a 1.8-litre Toyota.

Perhaps most intriguingly, the cricket-loving environmentalist showed yet another side to his personality with the publication this month of a raunchy novel, Return to Almora, about an ageing academic looking back over his spiritual and sexual journey through life. Jonathan Brow

No comments: