Chinese hackers target human rights groups, Citizen Lab says - Action News
Home WebMail Saturday, November 23, 2024, 02:18 AM | Calgary | -11.7°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

Chinese hackers target human rights groups, Citizen Lab says

Human rights and civil liberties groups have been penetrated by cyberspies, many of them linked to China, says a new report from the Canadian group Citizen Lab.

All 10 groups compromised during 4-year study period

The Canadian Cyber Incident Response Centre's report said the "apparent objective" of the hacking is the theft of intellectual property and trade secrets. (iStock)

Buffetted by persistent cyberattacks, Tibetan monks are giving new meaning to their ancient creed: Detach from attachments.

"Attachment can lead you to all sort of trouble and we Buddhists believe that non-attachment alone can lead you to happiness," 30-year-old monk Jamyang Palden told The Associated Press at a cafe in the Indian hill town of Dharamsala, before giving the philosophy its Information Age twist: "We have to learn to be suspicious of email attachments."

The internet safety slogan, one of several messages championed by digital security group Tibet Action Institute, is an example of how human rights defenders are seeking creative ways to protect activists from electronic espionage.

"It's cheesy, but it's memorable," said Freya Putt, a Vancouver-based activist.

There's little doubt that groups like Tibet Action need protection. A major study published Tuesday by internet watchdog Citizen Lab shows that it and other civil society organizations have been penetrated bycyberspies, many of them linked to China. And the report says that those behind the compromises are the same hackers responsible for high-profile attacks on major multinationals and Western governments.

"There's no doubt about it. This is something that is, ifnot carefully orchestrated by the government of China, iscertainly tolerated by them and they benefit from it," Citizen Lab director Ron Deibert told Reuters.

"They're using the same weaponry, the same arsenal indiscriminately," he said to the Associated Press.

Deibert'sstudy draws on four years of research with Tibet Action and nine other cooperating civil society groups. Eight are China or Tibet-focused; two are large international human rights organizations.

More than 800 suspicious emails

Altogether the groups forwarded more than 800 suspicious emails to Citizen Lab, an interdisciplinary laboratory based at the University of Toronto'sMunkSchool of Global Affairs. Experts there scanned the emails for malicious software, checked several organizations' networks for intruders, interviewed campaigners and, in the case of one particularly hard-hit human rights organization, combed through half a dozen hard drives.

'We have to learn to be suspicious of email attachments,' say Buddhist monk Jamyang Palden, (Ashwini Bhatia/The Associated Press)

All 10 groups were compromised at some point during the study, many of them through emails carrying booby-trapped attachments.

In a 2012 attack email shared with the AP, Tibet Action's director Lhadon Tethong was approached by a hacker impersonating a well-known China scholar, asking whether she would proof-read a list of Tibetans who have set themselves on fire in protest against the government in Beijing.

"Would you please have a look and make necessary corrections?" the email asks.

That attack failed Tethongsensed a trap when she noticed the email did not come from the scholar's professional address but others succeeded.Deibertsaid one rights group had its network compromised by "APT1" a prolific hacking crew whose activities have been tied to the China's People's Liberation Army for 20 months.

Asked about hacking claims, the Chinese government told Reuters it had not seen the report and denied knowledge or involvement in any attacks. China is willing to work to "jointly safeguard peace and security, openness and cooperation in cyberspace," a foreign ministry spokeswoman said.

Security holes remain unpatched

Most targets of the attacks studied by Citizen Lab are anonymous, somethingDeibertsays is in part because security holes identified by his colleagues remainunpatched. That means the organizations could be at greater risk if their names got out.

'This is something that is, if not carefully orchestrated by the government of China, is certainly tolerated by them and they benefit from it,' said Citizen Lab director Ron Deibert.

Others may simply fear losing face.

"There's still a stigma in some circles around computer breaches of any sort,"Deibertsaid.

That isn't an issue for Tibet Action, whose work iscenteredon raising awareness about online threats.

The efforts involve comic strips which portray Tibetans being spied through theirwebcamsor theirsmartphonesby glowering Chinese officers with1950s-styleheadsets, and a video skit in which "Attachment" played by a grinning Tibetan amateur sneaks into a man's home and steals his wallet.

It may be corny but trainerLobsangGyatsoSithersays thehumorworks.Sithershows the film and repeats the 'Detach from Attachments' mantra at digital security classes he teaches in classes inDharamsalaand elsewhere.

Palden, the monk, appears to have gotten the point. He tapes over his Mac'swebcam, takes the battery out of his Nokia handset when he doesn't want to be tracked and avoids popular Chinese chat programQQ. And he has absorbed the main message: "I do not open attachments from sources I do not trust," he said.

Deibertsays the plight of people likePaldenis often lost amid acybersecuritydebate which focuses on attacks against Fortune 500 companies and high-powereddefensecontractors.

"Ironically we are spotlighting the organizations that are the most equipped, that have the most resources and capacity to throw at the problem while leaving aside the organizations that could use the most help,"Deibertsaid.

He said one solution might be for human rights organizations and theirfunders to follow Tibetan Action's example in opening up about the threats they face.

"I'm not a Buddhist,"Deibertsaid, "but groups around the world could learn a lot from the Tibetans."

With files from Reuters