When activists and human rights groups are targets of government hackers, where can they turn for help? - Action News
Home WebMail Saturday, November 23, 2024, 06:33 AM | Calgary | -12.2°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

When activists and human rights groups are targets of government hackers, where can they turn for help?

From phishing to trolling and online harassment, a researcher found there's precious little technical support available to civil society's most politically vulnerable groups.

There's precious little technical support for civil society groups facing online threats, new research says

Hossam Bahgat, of the Cairo-based Egyptian Initiative for Personal Rights, has been the target of malicious emails clearly aimed at compromising data, according to a 2017 Citizen Lab report. (Sarah Rafea/The Associated Press)

In Mexico, journalists, lawyersand activists have all been targets of suspected government spyware. Members of the Tibetan community of particular interest to the Chinese government have faced persistent phishing attacks for years. And in countries such as the United Arab Emirates and Bahrain, access to political criticism and LGBTQcontent is frequently monitored andoutright blocked.

When it comes to fending off a wide range of online threats denial-of-serviceattacks, phishing, malware, trolling, harassment and more there's precious little hands-on support available to "politically vulnerable organizations,"according to a new report from University of California, Berkeley researcher Sean Brooks.

"There are a couple of well-resourced groups operating in this space, but it's limited," Brooks said.

There can't be many more than 40 people globally who provide technical support to civil society organizations reeling from a hack or targeted attack, he said,and most are stretched thin, helping many individuals and groups at once.

That needs to change, Brooks says.

As the internet becomes more central to how civil society groups work, NGOs, independent journalists, activists, dissidentsand human rights advocates will only become bigger targets of online threats.

Good security should be understood contextuallyand therefore differently based on the organization'sneeds and threat models.- Cybersecurity researcher Yuan Stevens

"The internet has provided those global communities with a way of connecting with one another, to become more effective in fulfilling their missions lifting up the lives of many individuals who would otherwise be disproportionately harmed by rising authoritarianism," said Brooks. "And therefore these groups will continue to be targeted."

Mostly advocacy and analysis

In developing regions, civil society groups often advocate for causes that might seem uncontroversial in the West the recognition of basic human rights, for example, or protests against government corruption.

But such campaigns can put them in the crosshairs of governments, criminals, hate groupsor hacktivists who seek to intimidateor prevent such messages from getting out.

What's worse isif a human rights organizer in India, or a political blogger in Egypt, finds themselves infected with spyware,or perhaps knows that their phone may be under surveillance,they may not have the time, financial resources, technical knowledge or support to deal with such threats, as an organization in North America or Europe wouldespecially not long term.

Contrary to Western security advice, the use of encrypted messaging apps can be viewed as suspicious by authorities in some countries. (Murad Sezer/Reuters)

Brooks looked at more than 100 organizations most in North America and Europe that have tried to help.

More than half were NGOs themselves, predominantly small groups of less than 30 members;the remaining were a mix of academic groups, private companies, charitable foundationsand government agencies.

Most focused on advocacy work and analysis of law and policy, while one-third provided funding, security training, the development of technological toolsor a combination of the three.

But part of the problem with such arm's-length work is that training, toolsor practices that might make sense in a Western context doesn't always work in other regions.

In some countries, it can be difficult to obtain a burner SIM card. Encryption might be seen as something subversive a sign you have something to hide. And keeping your operating system up to date might be impractical when internet access is expensive or limited to only a few hours a day.

"Good security should be understood contextuallyand therefore differentlybased on the organization'sneeds and threat models," said Yuan Stevens, acybersecurity researcher, hackerand board member of theCanadian non-profit Open Privacy.

Stevens believesit's only a matter of time before more organizations have an in-house programmer or engineer on staff who understands the local landscape the same way they might have legal counsel or someone handling HR.

But until that happens, an increase in groups offering direct technical assistance could help.

Long-term security

The report found that only nine of those 100+ organizations offered direct technical assistance, such as protection from denial-of-service attacks, or analysis of phishing attempts and spyware.

But even that was often limited toemergency situations something Brooks sees as a stop-gap toward building long-term partnerships with at-risk groups, and helping build up their own in-house cybersecurity.

Citizen Lab found that Mexican journalists including Carmen Aristegui, pictured here as well as lawyers and activists were targeted by Israeli-produced spyware that is sold exclusively to governments. (Eduardo Verdugo/The Associated Press)

This is an area where both philanthropic organizations and private-sector companies could help, he said,through funding and grantsfor cybersecurity personnel and resources, as well as long-term partnerships focused on knowledge transfer and direct technical support.

One challenge is convincing these organizations that good security is worth the investment in the first place;that it can help support their core missionand isn't separate from it.

"Ten years ago, we were having the exact same conversation about private-sector cybersecurity as we're having about civil-society cybersecurity right now," Brooks said.

He points to an example in Tibet, where a long-term partnership between the Tibet Action Institute and the University of Toronto's Citizen Lab spawned a localized educational campaign that successfully discouraged Tibetans from passing information around via attachments a popular vector for targeted malware.

As a result, phishing attacks that relied on attachments dropped.

"A giant government security apparatus up against a 10-person NGO the asymmetry is just so dramatic that I think it really opens up a lot of questions about what can be done," said Brooks.

But he says it's not all doom and gloom.

"I think there are some very inspiring stories within this whole ecosystem of individuals and groups really making a difference not necessarily levelling the playing field, but raising the cost for those adversaries.

"And that's I think a huge accomplishment."