When Greg Walton began sifting through the files recovered from one of the biggest Internet spy rings ever cracked, the evidence didn't immediately strike him as a high-stakes espionage case.
The first stolen file Canadian researchers unearthed seemed innocuous. It was an e-mail sent from people in the tiny village of Pooh in India to the Dalai Lama. The small Himalayan enclave was sending 34 boxes of "our finest apples" to the Tibetan leader to wish him a long and healthy life.
"Nothing Earth shattering," Mr. Walton said.
But soon, Mr. Walton and his colleagues found far more dangerous e-mails in the recovered files that were linked to servers in China.
The spy ring linked to China had Indian national security files, including details of the Pechora missile system, an anti-aircraft, surface-to-air weapons project. Other documents contained data related to the Iron Dome missile system, and Project Shakti, an artillery combat system.
Documents related to military training schools were also found, along with information on troops. Computers at Indian corporations, including YKK India and Tata, had also been compromised.
Mr. Walton, an expert on the region who conducted the field research in India for the investigation, was amazed.
"I thought, wow, that's the whole Indian defence establishment," he said yesterday as the researchers prepared to issue their report on the online espionage, titled Shadows in the Cloud: An Investigation Into Cyber Espionage 2.0. The report is a collaboration involving Ottawa-based consultancy SecDev and the Munk School of Global Affairs at the University of Toronto.
The report stops short of blaming the Chinese government, mainly because the researchers just aren't sure. China has shrugged off allegations of cyber spying in the past, including Google's revelation in January that it was attacked late last year.
Often, the government blames so-called "patriotic hackers," groups of people in China loyal to the state who launch rogue attacks.
"We cannot establish links to the People's Republic of China government," Mr. Walton said. "But at the same time, there is a growing body of evidence that there's some kind of relationship between the state's specific agencies and the computer underground - the hacking scene - in China."
The official position of China is that the state does not support such measures.
However, Mr. Walton said the government does not discourage the activity. China "has a vibrant hacker community that has been tied to targeted attacks in the past, and has been linked through informal channels to elements of the Chinese state," says the report, which will be made public today.
Even if the government isn't behind the attacks, "information that is independently obtained by the Chinese hacker community is likely to find its way to elements within the Chinese state," the report says.
Cyber spying is not limited to China. It is plausible that most major powers in the world are engaging in some form of online espionage, the researchers believe.
"If we looked in another part of the world with a different set of victims, we'd probably find entirely different cyber espionage networks," said Ron Deibert, director of the Citizen Lab at the Munk School of Global Affairs. He calls it a new form of arms race, one that is cheaper than the other methods of espionage, such as satellite networks that cost billions.
For now, the Indian government is not reacting to the report's findings. Mr. Deibert met with government officials late last week to inform them of the forthcoming report. They thanked him for the meeting and seemed "taken aback," Mr. Deibert said.
In the past, government officials in India have dismissed suggestions that online spies from China have infiltrated the country, and the government has been reluctant to discuss the matter publicly.
Grant Robertson