Technology TEDTalks

Did China hack the Dalai Lama’s email? How a human-computer collaboration traced the clues

“Man versus machine” is not an idea that Shyam Sankar believes in. In today’s fascinating talk, given at TEDGlobal 2012, Sankar urged us to think about how human ingenuity can combine with computers’ ability to parse data to solve some of the world’s most pressing problems. His point: Technology should make use of human creativity, rather than aiming to replace it.

Below, in a TED Blog exclusive recorded at TED2010, Sankar explains how his company, Palantir Technologies, helped create software to solve a mystery: Who hacked the Dalai Lama’s email?

Here is the story.

In 2008, an unnamed country received an email from China warning them not to host the Dalai Lama for a scheduled visit. The email was startling for a single reason: The upcoming visit was not public knowledge yet. And so the country brought in a team of data experts to find out where the message had come from and how this sensitive info had been leaked. The team used Palantir’s data analysis tools to help crack the case.

As it turns out, the Dalai Lama’s email had been targeted by spies using a practice known as “spear-fishing” — in which hackers do research on a specific person to create an email that looks like it came from someone they know well. The email includes an attachment that, if opened, gives hackers access to the target’s computer without their knowledge. As Sankar explains, hackers can not only read your email, export documents and send emails as you — they can even turn on your webcam and hear every word you say.

In this case, the hackers had downloaded negotiation documents off the Dalai Lama’s computer.

“These guys literally took the goods while sitting at home in their pajamas,” says Sankar in the talk.

But in the hands of a team of human data experts, Palantir’s technology helped showed something even more sinister at work. About 1,300 computers in 103 countries had been infected in the same way. The computers belonged to both individuals and companies with interests in Southeast Asia. And this network had existed for a shocking two years before it was made visible.

It’s a story that should warn us all to be very careful when it comes to opening attachments.