Tracking GhostNet: Investigating a Cyber ... - Nart Villeneuve
Tracking GhostNet: Investigating a Cyber ... - Nart Villeneuve
Tracking GhostNet: Investigating a Cyber ... - Nart Villeneuve
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
51<br />
About the Information Warfare Monitor<br />
http://infowar-monitor.net/<br />
The Information Warfare Monitor is an advanced research activity tracking the emergence of cyberspace<br />
as a strategic domain. We are an independent research effort. Our mission is to build and broaden the<br />
evidence base available to scholars, policymakers, and others. We aim to educate and inform.<br />
The Information Warfare Monitor is a public-private venture between two Canadian institutions: The<br />
SecDev Group, an operational think tank based in Ottawa (Canada), and the Citizen Lab at the Munk<br />
Centre for International Studies, University of Toronto. The Principal Investigators and<br />
co-founders of the Information Warfare Monitor are Rafal Rohozinski (The SecDev Group) and<br />
Ronald Deibert (Citizen Lab).<br />
The Information Warfare Monitor is supported by The SecDev Group which conducts field-based<br />
investigations and data gathering. Our advanced research and analysis facilities are located at the<br />
Citizen Lab. IWM is part of the Citizen Lab’s network of advanced research projects, which include the<br />
OpenNet Initiative and ONI Asia.<br />
The Information Warfare Monitor also benefits from donations from a variety of sponsors including<br />
Psiphon Inc, and Palantir Technologies.<br />
The Information Warfare Monitor engages in three primary activities:<br />
1. Case Studies. We design and carry out active case study research. These are self-generated<br />
activities consistent with our mission.<br />
We employ a rigorous and multidisciplinary approach to all our case studies blending qualitative, technical,<br />
and quantitative methods. As a general rule, our investigations consist of at least two components:<br />
Field-based investigations. We engage in qualitative research among affected<br />
target audiences and employ techniques that include interviews, long-term in situ<br />
interaction with our partners, and extensive technical data collection involving<br />
system monitoring, network reconnaissance, and interrogation. Our field-based teams<br />
are supported by senior analysts and regional specialists, including social scientists,<br />
computer security professionals, policy experts, and linguists, who provide additional<br />
contextual support and substantive back-up.<br />
Technical scouting and laboratory analysis. Data collected in the field is rigorously<br />
analysed using a variety of advanced data fusion and visualization methods. Leads<br />
developed on the basis of infield activities are pursued through “technical scouting,”<br />
including computer network investigations, and the resulting data and analysis<br />
is shared with our infield teams and partners for verification and for generating<br />
additional entry points for follow-on investigations.