The computer espionage attacks that hit many governments and industries also target organizations working to protect civil liberties and human rights around the world, according to a new report from the University of Toronto’s Citizen Lab.
However, unlike government and industrial organizations, civil society groups do not have enough resources to handle this problem alone. Although the attacks on these organizations rarely make headlines, they pose a serious threat to the worldwide promotion of democracy and human rights.
The study, titled “Communities @ Risk: Targeted Digital Threats Against Civil Society,” is based on four years of research with ten civil society organizations, including two large human rights organizations and eight Tibet- or China-focused groups.
It aims for greater visibility of the often neglected digital risk environment that affects some of the most essential institutions of our society.
The organizations that took part in the study shared suspicious emails, attachments, and other details with Citizen Lab researchers who performed a confidential and detailed analysis. The researchers also visited participating organizations to observe the impact of the attacks on their operations. The report is a major attempt to identify the kind of digital attacks that plague the civil society and human rights organizations.
The study offers several interesting findings. The researchers, for example, say that even the most effective security attacks against civil society organizations are not technically sophisticated. Most attacks simply employed legitimate-looking emails or others are designed to encourage targets into clicking on links or opening attachments.
The content of these luring emails is often derived from data collected from previous security breaches in other organizations. However, when socially engineered attacks like these are constantly used as bait, they erode the trust factor and cause communities to stop using the communication tools that are considered as the best assets of organizations.
Over the course of the study, the researchers observed that the attackers modified their techniques based on the organizations’ choice of software and operating systems. This clearly indicates that targeted digital threats are evolving.
Malware attacks in China against minority communities such as Uyghurs and Tibetans are not new, and in fact, date back to 2002.
When the Chinese government was asked about the hacking claims, they said that they have not read the report and denied their involvement. A foreign ministry spokesperson said that China wants to safeguard peace and security operations in cyberspace.
Citizen Lab director Ron Deibert believes that China certainly benefits from these attacks.
“There’s no doubt about it. This is something that is, if not carefully orchestrated by the government of China, is certainly tolerated by them and they benefit from it.”
The study highlighted in our VPN blog also argues that these problems cannot be solved without major efforts from foundations that fund the civil society, which includes government bodies and private companies.
Funders can help grantees make improvements to their security, but they should also take steps to evaluate risks to themselves.
Companies that develop software or offer information security have a duty to support the organizations at risk. The report also recommends that civil society organizations should avoid the use of outdated and unsecured software. Most digital attacks exploit flaws in the system. By simply upgrading their software, organizations can prevent these attacks to a great extent.