When Norzin Wangmo used her computer and mobile phone two years ago to communicate with friends about protests in Tibet, she had no idea it would result in her torture and a five-year prison sentence.
Detained soon after sending the messages, the 30-year-old Tibetan government worker and writer was accused by officials of using the technology to inform the outside world about civil unrest in Tibet.
After months in detention, during which her friends said she was tortured, the five-year prison term was handed down. Few other details about Norzin Wangmo, who leaves behind a young son, are known.
No one is sure how Chinese intelligence obtained the details of her communications. But the story is a frightening example of the dark side of internet espionage on the mainland, where people perceived to be a threat to the state are targeted, including ordinary Chinese citizens, scholars, human-rights workers, journalists, diplomats and businesspeople.
Many security experts who study China believe the government is being fed information by a loose and shadowy network that includes the hacker community, organised crime and other parts of government, including security agencies and the People's Liberation Army (PLA).
'The sheer amount of energy and resources the Chinese government has thrown at this is enormous,' says Lhadon Tethong, director of the Canada-based Tibet Action Institute, which helps Tibetans fight for rights, primarily through the safe exchange of information, using sophisticated technology.
Many victims of internet espionage are quick to point a finger at the central government.
'Who else would attack us?' asks Chine Chan, a researcher for Amnesty International Hong Kong. 'It doesn't make sense unless it's the government.'
Security experts, however, are careful to explain that no smoking gun has yet been found linking the hacking and the use of malware - malicious software designed to secretly access a computer system - to Beijing.
Greg Walton, an independent cyber security researcher based in Britain, believes the attacks are the work of groups of players. He points to Chongqing, where there is a concentration of internet espionage control and command centres, as an example.
'Chongqing is interesting in that it's like a nexus of organised crime, the party, a big computer-hacking scene and all sorts of PLA installations,' he says. 'It's a combination of many forces that do these attacks. It's not a secret that the data is ending up with the state. Any other explanation is improbable.'
Experts say the spying is highly organised and professional, with some hackers working in shifts, even making note of when targets are having lunch or taking breaks.
It is also likely that many hackers are working independently and some targets are being compromised by more than one malware group, says Nart Villeneuve, a researcher at the Information Warfare Monitor (IWM), whose members include the Citizen Lab, Munk School of Global Affairs, the University of Toronto and the SecDev Group, a security consultancy based in Canada.
Walton says patriotic hackers are probably selling information to the government, providing it with 'another layer of deniability'.
Since last year, IWM has published two reports on cyber-espionage networks: 'Tracking GhostNet: Investigating a Cyber Espionage Network' and 'Shadows in the Cloud: An investigation into cyber espionage 2.0.'
GhostNet is the name investigators have given to a network of more than 1,200 compromised computers in 103 countries, including foreign affairs ministries, embassies, international organisations, news organisations and a computer in the headquarters of Nato. The network's command and control centre appears to be on Hainan Island, home of the Lingshui signals intelligence facility and the Third Department of the PLA.
In September and October 2008, IWM investigated alleged cyber espionage on the computer systems in various offices related to the work of the Tibet government in exile and other Tibetan groups. These included the Office of His Holiness the Dalai Lama, in Dharamsala, India, organisations in the United States, Britain, France, Belgium and Switzerland, and the office of Drewla, an NGO which runs an online outreach project that uses young Chinese-speaking Tibetans to talk with people in the mainland about the situation in Tibet.
The GhostNet report said some 70 per cent of the control servers behind the attacks on Tibetan organisations were located on IP addresses assigned to the mainland.
During an investigation at the Dalai Lama's private office, Walton observed as documents were being pilfered from the computer network, including a file containing thousands of e-mail addresses and another detailing the negotiating position of the spiritual leader's envoy.
During the investigation into the so-called Shadow Network, investigators were able to obtain data taken by the attackers, including some 1,500 letters sent from the Dalai Lama's office between January and November last year. While the report said many of the letters did not contain sensitive information, it added that they allowed the attackers to collect information on anyone contacting the exiled spiritual leader's office.
The team traced the attacks to hackers apparently in Chengdu, which is also the location of one of the PLA's technical reconnaissance bureaus charged with signals intelligence collection. Researchers said one hacker, who used the cyber name 'lost33', had attended the University of Electronic Science and Technology of China, which publishes manuals on hacking and offers courses on network attack and defence security.
The authors said an anomaly was detected when analysing traffic from the offices of the Tibet government in exile: computers in Dharamsala were checking in with a command and control server situated in Chongqing. Despite Chongqing Communist Party chief Bo Xilai's high-profile anti-corruption campaign, the city still has a high concentration of gangs said to have ties to the government and which have extended their traditional criminal activities to include cyber crime.
While Walton admits no direct link to the central government has been detected, he does not seem to have any doubts about who is behind the attacks.
'Some people shy away from saying it's the state,' he says, 'but there's a growing body of evidence. My own feeling is that sooner or later someone will be able to prove it.'
The 'Shadows in the Cloud' report, which Walton contributed to, points to the existence of a vibrant hacker community in the mainland 'that has been tied to targeted attacks in the past and has been linked, through informal channels, to elements of the Chinese state, although the nature and extent of the connections remains unclear'.
The authors allude to a 'privateering' model in which the government authorises citizens to carry out attacks against 'enemies of the state'. However, the report referred to research by Scott Henderson, author of The Dark Visitor: Inside the World of Chinese Hackers. Henderson wrote that there was disagreement about the exact relationship between hackers and the state, running from 'authorise' to 'tacit consent' to 'tolerate'.
The most plausible explanation, the report said, and the one supported by the evidence, is that the Shadow Network is based in the mainland and run by one or more people with close ties to the country's criminal underworld.
The report concluded: 'As a result, information that is independently obtained by the Chinese hacker community is likely to find its way to elements within the Chinese state.'
Lhadon Tethong says security experts she's spoken to consider the cyber war 'a lost game' but that she takes a different approach - trying to remain one step ahead of the mainland authorities.
'We're looking at new technologies that haven't come out yet and how they can be used in Tibet,' she says. 'The Chinese government can control your BlackBerry or laptop, but let's look beyond that, at iPads and Android technology [a mobile-phone operating system developed by Google]. You cannot stop it. The force is just too strong.
'We worked with young and innovative technical experts and geeks from the beginning,' she says. 'The optimistic part is that the advances in communications technology are happening so quick that the Chinese bureaucracy can't keep up. Saying you can't do this or that because they're too good is just not true.'
She cites the microblogging service Twitter, which the authorities managed to block. Before that, Tibetan activists had found it a useful tool for getting their message across both within and outside the mainland.
'You can block one site and another will pop up, and it won't take long before people find it,' she says. 'You can try to control it but there's no way to stop it and I think they know that.'
Chan agrees. 'The trend can't go back. It's important to learn how to get around [the controls]. If civil society grows faster than the government controls, then you win.'
Meanwhile, the attacks are increasing in number and in sophistication.
On March 18, people on the mailing list of Human Rights in China (HRIC) received an e-mail that appeared to be from director Sharon Hom. The subject line - 'Microsoft, Stool Pigeon for the Cops and FBI' - convinced many recipients to take a look at the enclosed attachment. Within seconds the e-mail was flying around cyberspace, with thousands receiving it and passing it on to others.
But the e-mail was not from Hom. It was a 'spear phishing' e-mail that lured recipients to visit a compromised website in Taiwan. Those who clicked on the link unknowingly loaded malware that allowed the attackers to take control of their computers from a server in Jiangsu province.
In a report on the HRIC attack, Villeneuve wrote that the malware spread via the e-mail was traced to a command and control centre in Jiangsu. He said the nature of the compromised entities and the data stolen by the attackers indicated correlations with the mainland's strategic interests. But he concluded that 'we were unable to determine any direct connection between these attackers and elements of the Chinese state'.
Earlier this year, a foreign journalist was conducting a text conversation on Skype with Tsering Woeser, a Beijing-based Tibetan poet and commentator, when the journalist received an article over the internet service. When the suspicious reporter called Tsering Woeser to ask about the file, she was not even home. Someone had hijacked her account and started conversations with 30 of her Skype friends, several of them journalists. They even imitated the way the poet spoke. Some were tricked into downloading malware. This was the second hijacking of her Skype account in two years.
Most cyber attacks rely on a tactic known as 'social engineering', manipulating people to get them to provide computer access through trickery, rather than technical hacking.
'At the root it's not technology,' Walton says. 'The deeper the penetration, the more intelligence they can feed into a social engineering attack. If I look at your computer, I can draft e-mails that you will trust more and more.'
Robbie Barnett, director of the Modern Tibet Studies programme at Columbia University, in the United States, says the attackers are getting increasingly sophisticated in their use of social engineering. They use the names of people you know, refer to an incident over the past 48 hours, often with a provocative subject, and may even have the actual sender's real e-mail address. He says no one can be 100 per cent safe, no matter what precautions are taken.
'Eventually, they hit a bull's eye,' Barnett says, 'They send you a letter from a Tibetan who's just written to you and could easily be sending something to you. Even if you've been careful for years, you could fall for it.'
Typically the target receives an e-mail appearing to be from an acquaintance. Often it mentions some sensational detail that lures the victim into opening a file or visiting a website that opens a backdoor, where malware can be planted.
Control is often maintained through the use of the Chinese Gh0st RAT (remote access tool). These trojans enable nearly unrestricted access to the infected system. The attacker can then carry out surveillance of the attacked computer, pilfer files and e-mails and send data to other computers, and use the infected computer as a platform to launch future attacks against computers around the world.
'It's all part of a trend that I've been watching for a decade,' says Walton, 'pushing surveillance of the population from the network to the desktop.
'Everything you can do, they can do - it's like they're sitting in front of your computer. They can turn on the webcam, the microphone and access documents. Someone is staring back at you through your webcam. It's Orwellian.'
While much of the activity seems focused on gathering intelligence and disruption of operations, in some cases the attacks are more dangerous. In July, the website of Chinese Human Rights Defenders was shut down several times by direct denial of service (DDOS) attacks. In April, the Foreign Correspondents' Club of China was forced to take its website offline temporarily after being repeatedly hit by DDOS attacks.
In January, Google announced it had found 'a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property'. The attack was said to have targeted the Google e-mail accounts of Chinese human-rights activists.
Journalists have also become a target. In April, Andrew Jacobs, Beijing correspondent for The New York Times, wrote an article detailing how his computer had been hacked and e-mails redirected to an unknown address. Jacobs said scores of foreign reporters in the mainland had experienced similar intrusions.
Last September, several foreign news bureaus in Beijing began receiving e-mails from 'Pam', who said she was an economics editor. The e-mails, which were in well-written English and included a list of genuine contact names, detailed a proposed reporting trip. However, when the attached PDF was opened it unleashed malware.
Walton and Villeneuve, who studied the virus, said in a report that the file appeared to be a legitimate document that had been stolen from a compromised computer, which was then modified to include malware and serve as a lure. While they said the malware could not be traced back to the central government, the recipients were Chinese news assistants, whose e-mail addresses were not widely known to the public, but were to the Ministry of Foreign Affairs.
Richard Baum, moderator of Chinapol, an online community of more than 900 China watchers, including journalists, lawyers and analysts, says the group has suffered 'a certain amount of leakage' of membership lists and e-mail traffic. Members have also received phishing e-mails. Recently, an e-mail was sent to some members purporting to be the new member e-mail list, which had a malware attachment.
Walton says data was being sent back to a computer in Chongqing within 30 seconds of the malware being accepted.
In the HRIC incident, a member of Chinapol sent the e-mail to all its members, some of whom in turn passed it on to their acquaintances.
What's troubling is anti-virus software used by the general public is not always effective in catching these viruses. In the case of the HRIC attack, there was very low anti-virus cover, with only eight out of 42 anti-virus products detecting the file as malware, the investigation found. In the case of the news assistants who downloaded malware, only three of 41 anti-virus products used by VirusTotal, a service that analyses suspicious files and URLs, detected the malicious code embedded in the PDF file.
Fake e-mails also create confusion. A human-rights activist in Hong Kong tells of an e-mail sent out in her name revealing certain information only known to people she worked closely with.
'This is their way of saying, 'We know who you are and what you're doing', to make you feel scared,' she says. 'Even if people know the e-mail is not from me, the damage is already done. The next time they'll ask if it's really from me.'
HRIC's Hom says: 'This is seriously raising security issues for us. It makes every NGO, every journalist, every contact ask if they get an e-mail from me if it's real. As a small NGO we don't have the resources, technical expertise and capacity to guard ourselves against such high-level attacks. It makes it very difficult for us to do our work.
'How can any organisation, company or government function if communication with other persons or organisations runs the risk of a malware attack that undermines the trust in the organisation? The biggest impact on us is we have to be extremely careful not to compromise the security of the people we're dealing with.'
One example of this, from the GhostNet report, is that of a young Tibetan woman who was returning to her village after having worked for two years in India. She was stopped at the Nepal-Tibet border by Chinese intelligence officers. The woman was taken to a detention centre, where she was interrogated about her connection with Drewla.
She insisted she had gone to India just to study, denying any political involvement, but her claims were waved away. The officers then pulled out a dossier on her activities in India, including transcripts of her online chats about Tibet.
She was held for two months and then allowed to return to her village.
As a result, many activists are now reluctant to send information over the internet and even delete e-mails from people they don't know or that look suspicious. The result is less information is getting through to the people who need it.
'It's caused a lot of problems for me,' says Tsering Woeser, who is often under police surveillance. 'First, because of my situation, I can only contact my friends through Skype and e-mail, and now some Tibetan friends are afraid to contact me. I'm getting much less information than before. It's a huge interference.'
Tsering Woeser says her internet activities are constantly probed. In a recent incident, she received an e-card from dissident writer Yu Jie, which turned out to be a phishing spear. She says that at least once a month a person pretending to be a Tibetan attempts to make contact with her online.
'But what I worry about most is that the people who are in contact with me may get into trouble and I won't even know about it,' she says.
Barnett also depends on sources to provide him with news from tightly controlled Tibetan areas. He says he, too, is now receiving far less information than in previous years. 'The deterrent effect on people sending information is very effective,' he says. 'This is having a massive effect on the limitation of outsiders finding out what's happening in China. A lot of it works by fear, intimidation and self-censorship. People are worried about interception.'
Barnett says this climate of surveillance suggests to anyone considering sending information 'that they should think twice'.
The culture of security in China, he says, means the government only has to go after a few people to have a deterrent effect.
'You only have to pick up three people for passing on information and that will deter hundreds of thousands of others,' he says. 'The system may now be more powerful than us.'
Walton says there has been a clear increase in the number of incidents this year, although he cautions that this may be due to the fact people are more on the lookout for these things.
'There's more awareness and people are suspicious of links and e-mails,' he says. 'In terms of forward trends, I see a continuous escalation of these attacks. People are being compromised every day and I'm getting examples on a daily basis.'
Experts say that if Beijing is not responsible for the attacks, it has a responsibility to shut down hackers working within its borders.
'I have never and still don't make the claim that it was the government,' Hom says. 'But if China insists on internet sovereignty and sovereignty over its territory, it has to take responsibility for these kinds of cyber attacks. It has to show the international community that it has taken steps to investigate, track down and end these attacks.'