Read

User menu

Search form

NGOs Are Getting Targeted and Hacked Like Corporations – But From a Different Source

NGOs Are Getting Targeted and Hacked Like Corporations – But From a Different Source
Mon, 12/15/2014 - by Paromita Pain

Organizations working to protect human rights and civil liberties around the world are now being targeted, and bombarded, with persistent and disruptive digital attacks — similar to the attacks reportedly hitting industry and government. But unlike industry and government, the civil society organizations have far fewer resources to deal with the problem.

A report released last month by Citizen Lab, entitled Communities @ Risk: Targeted Digital Threats Against Civil Society, explores the often overlooked digital risk environment for NGOs and other groups. The study draws on four years of research with Tibet Action and nine other cooperating civil society groups, eight of which are China- or Tibet-focused, while the other two are large international human rights organizations.

“The report represents a major systematic effort to identify the type of digital attacks vexing human rights and other civil society organizations,” explained Prof. Ron Deibert, director of the Citizen Lab, an interdisciplinary research center based at the University of Toronto’s Munk School of Global Affairs.

“It is well known that computer espionage is a problem facing Fortune 500 companies and government agencies," he said. "Less well known and researched, however, are the ways in which these same type of attacks affect smaller organizations promoting human rights, freedom of speech, and access to information. We set out to fill this gap in knowledge.”

The report found that digital attacks against civil society organizations are persistent, adapting to their targets in order to maintain access over time and across various platforms. The attacks aren’t always carried out by lone hackers, but often are targeted digital threats by states and governments that seek to increase their control over information and its release. The increasing attacks, says the report, raise major issues about online rights and freedoms worldwide.

There are many ways the attacks are orchestrated. Email attachments can download viruses onto an organization’s computers that can corrupt the system for days. And sometimes hackers physically visit organizations and hack into their systems directly, compromising confidential and important data.

The report worked with the Tibet Action group. In an Associated Press interview, Tibet Action's director Lhadon Tethong said she was approached by a hacker impersonating a well-known China scholar, who requested to proof-read a list of Tibetans who had set themselves on fire in protest against the government in Beijing. Tethong was suspicious because the request didn’t come from the scholar’s official address. But attacks like this often succeed.

The organizations participating in the study shared emails and attachments suspected of containing malicious software, network traffic and other data with Citizen Lab researchers, who undertook confidential and detailed analyses of the material. The researchers also paid site visits to the participating groups and interviewed them about their perceptions and impacts of the digital attacks on their operations.

As the AP reported, “All 10 groups were compromised at some point during the study, many of them through emails carrying booby-trapped attachments.” As the report states, “Information Communication Technologies (ICTs) are central to the activities of the groups, and help them balance an historic asymmetry between them and powerful, well-resourced state interests.”

Often, questions of cyber threats are lost in the bigger debates surrounding the security of Fortune 500 companies and other large corporations or organizations. Members of the Tibetan community shared with the researchers different accounts of Chinese authorities confronting Tibetans with organizations' call records and chat transcripts during interrogations. Research on Ethiopia revealed similar issues.

In an op-ed published on OpenCanada, Citizen Lab's Deibert asked an important question: “What do we mean when we say 'cyber security?'" Deibert explained that “the tension between these points of view is not unique to cyber security, but reflects a deeper tension at the heart of global politics today: between a slowly emerging sense of global responsibility and citizenship on the one hand, and the old Westphalian nation-state system on the other.”

As IT World Canada reported, the study found that many tools and software used by civil society organizations are often counterfeit and expired, which leads organizations to miss making vital systems updates. Many use free versions of tools and packages that typically have low levels of security compared to their for-sale counterparts.

The report argues that solving the problem will require major efforts among several stakeholders, from the foundations that fund civil society to the private sector to governments. It calls for a concerted effort to protect these organizations; for example, companies that build software or provide information security could be obliged to support at-risk non-profit groups through a “pro bono” model of assistance, as well as with creative licensing solutions to avoid the use of insecure, outdated software.

Finally, the report says governments that support the right to privacy and freedom of expression should take steps to raise the profile of targeted digital threats against civil society in their domestic policy and diplomacy, “treating the matter as of equal priority to their defense of the private sector.”

Follow the author @ParoP.

Sign Up

Article Tabs

Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

Brexit, Brexit failure, leaving the E.U., British turmoil, Brexit no-deal

The rejection of a no-deal left the government crestfallen as its attempt to keep control of the Brexit process by maintaining a no-deal on the table was quashed.

youth climate strike, climate protests, climate walkouts, strike for climate, Greta Thunberg, global youth protests

The global Youth Climate Strike will have its official coming out party this Friday, March 15, when tens of thousands of young people worldwide skip school to protest climate inaction.

Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Environmental activists occupy the office of then incoming Democratic majority leader Rep. Steny Hoyer, D-Md. (J. Scott Applewhite / AP)

Amid transatlantic proposals for a Green New Deal, monetary policy – normally relegated to obscure academic tomes and bureaucratic meetings behind closed doors – has suddenly taken center stage.

Image Credit: Sara Jane Rhee

Teachers are now understanding that their labor power is part of a broader strategy to even the playing field in a political landscape that is increasingly unequal.

District of Columbia Democratic Attorney General Karl Racine (center) is hiring outside climate counsel to work on matters related to an Exxon investigation. Karl Racine/Facebook

Washington, D.C. Attorney General Karl Racine has revealed plans to hire climate lawyers to focus on an investigation and potential litigation against Exxon Mobil Corp.

billionaires, abolish billionaires, extreme wealth, wealth inequality, income inequality, tax the rich, wealth redistribution, wealth tax

America’s billionaires have suddenly realized they just may be facing an existential crisis: A good chunk of the American people, they now understand, would rather billionaires not exist.

Posted 4 days 22 hours ago
Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

Posted 2 days 22 hours ago
Brexit, Brexit failure, leaving the E.U., British turmoil, Brexit no-deal

The rejection of a no-deal left the government crestfallen as its attempt to keep control of the Brexit process by maintaining a no-deal on the table was quashed.

Posted 3 days 23 hours ago
Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Posted 1 day 9 hours ago
Image Credit: Sara Jane Rhee

Teachers are now understanding that their labor power is part of a broader strategy to even the playing field in a political landscape that is increasingly unequal.

Posted 2 days 9 hours ago
Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

Bouteflika protests, Algeria protests, second Arab Spring, Algeria youth, Algeria elections

Hundreds of thousands gathered at capital Algiers' landmark Grand Poste square demanding the president step down.

Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

District of Columbia Democratic Attorney General Karl Racine (center) is hiring outside climate counsel to work on matters related to an Exxon investigation. Karl Racine/Facebook

Washington, D.C. Attorney General Karl Racine has revealed plans to hire climate lawyers to focus on an investigation and potential litigation against Exxon Mobil Corp.

billionaires, abolish billionaires, extreme wealth, wealth inequality, income inequality, tax the rich, wealth redistribution, wealth tax

America’s billionaires have suddenly realized they just may be facing an existential crisis: A good chunk of the American people, they now understand, would rather billionaires not exist.