Amnesty International Canada hit by cyberattack out of China, investigators say - Action News
Home WebMail Friday, November 22, 2024, 10:48 AM | Calgary | -10.8°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Politics

Amnesty International Canada hit by cyberattack out of China, investigators say

The Canadian branch of Amnesty International was the target of a sophisticated cyber-security breach this fall an attack forensic investigators believe originated in China with the blessing of the government in Beijing.

The hackers appear to have been looking for a list of Amnesty's contacts

x
Protesters gather outside the Parliament buildings in Ottawa on February 22, 2021 to protest China's actions against ethnic Muslim Uyghurs. (The Canadian Press)

The Canadian branch of Amnesty International was the target of a sophisticated cyber-security breach this fall an attack forensic investigators believe originated in China with the blessing of the government in Beijing.

The intrusion was first detected on October5, the human rights group said Monday.

The attack showed signs of being the work ofwhat's known as an advanced persistent-threat group (APT), according to the cyber security company that conducted the forensic investigation.

Unlike a typical cybercrime attack, the attack on Amnestyinvolved establishing covert surveillance ofthe operating system of Amnesty's network, said the report prepared for Amnesty International Canada by the U.K.-based cybersecurity firm Secureworks.

The hackers appeared to be attempting to obtain a list of Amnesty's contacts and monitor its plans.

The revelation comes as relations between Canada and China remain frosty on several fronts.

Secureworks said it's confident in its conclusion that Beijing or a group affiliated with the Chinese government was responsible for the breach.

"This assessment is based on the nature of the targeted information as well as the observed tools and behaviours, which are consistent with those associated with Chinese cyberespionage threat groups," said the report.

Ketty Nivyabandi, secretary general of Amnesty International Canada, said the experience should offer a clearwarning to other human rights groups and civil society members.

"This case of cyberespionage speaks to the increasingly dangerous context in which activists, journalistsand civil society alike must navigate today," she said.

"Our work to investigate and call out these acts has never been more critical and relevant. We will continue to shine a light on human rights violations wherever they occur and to denounce the use of digital surveillance by governments to stifle human rights."

x
Activists from Amnesty International stage a protest in a show of support for China's Uyghur Muslims outside the National Assembly in Paris on Jan. 26, 2022. (Michel Euler/Associated Press)

Mike McLellan, director of intelligence for Secureworks, saidtargetinghuman rights groups falls underChina's recent methods of operation.

"China uses its cyber capabilities to gather political and military intelligence and spy, and organizations like Amnesty are interesting to China because of the people they work with, the work that they do," McLellan told CBC News. "We see organizations like this targeted because China is interested in surveillance."

He said he doesn't believe there's any connection between the tense currentnature of the Canada-China relationshipand the timing of the cyber attack.

"I think it's much more about Amnesty Canadathan Canada-China," McLellan said.

Four days after the release of the Amnesty report,the Chinese embassy in Ottawa issued a sternly-worded denialaccusingthe human rights group of misleading the public and "spreading lies and rumours about China."

"As a staunch defender of cybersecurity, we firmly oppose and combat attacks of any kind.Chinawillneverencourage, support, or connive in such cyber attacks,"said the unsigned statement.

Last summer, another Massachusetts-based cybersecurity firm Recorded Future issued a report warning that hacking groups suspected of acting for the Chinese government have beeninvolved in a multi-year espionage campaign against numerous governments, NGOs, think-tanks and news agencies.

The report said that campaign has targetedtheInternational Federation for Human Rights (FIDH), Amnesty International, the Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan, Taiwan's ruling Democratic Progressive Party (DPP)and India's National Informatics Centre since 2019.

Canadian-based Citizen Lab, an internet watchdog group, published a major study in 2016 that showed it and other civil society organizations have been penetrated by cyberspies, many of them linked to China.

Targeted by 'state-sponsored' spies

The study drew on four years of research with Tibet Action and nine other cooperating civil society groups. Eight were China or Tibet-focused; two were large international human rights organizations.

As part of that groundbreaking study, more than 800 suspicious emails were examined for malicious software by Citizen Lab, an interdisciplinary laboratory based at the University of Toronto's Munk School of Global Affairs& Public Policy.

Nivyabandi said Amnesty International Canada is aware the work it does can make it a target.

"As an organization advocating for human rights globally, we are very aware that we may be the target of state-sponsored attempts to disrupt or surveil our work," she said.

"These will not intimidate us and the security and privacy of our activists, staff, donors, and stakeholders remain our utmost priority."

She said the relevant authorities,staff, donorsand stakeholders have been toldof the breach and the organization will continue to work with security experts to guard against future risks.