Hi LibTech I am pleased to announce a new Citizen Lab publication, Communities @ Risk: targeted digital threats against civil society.
Communities @ Risk is the culminating report of a multi-year, multi-group study on targeted digital threats. We define targeted digital threats as persistent attempts to compromise and infiltrate the networked devices and infrastructure of specific individuals, groups, organizations, and communities. The study involved 10 civil society organizations (CSOs) that shared suspicious emails, network traffic, and other data with Citizen Lab researchers who conducted detailed, confidential analysis. Citizen Lab researchers also paid site visits to the participating CSOs and interviewed them about their perceptions and the impacts of the digital attacks on their operations. Data from both the technical and contextual aspects of the research informs the report’s Key Findings: In the digital realm, CSOs face the same threats as the private sector and government, while equipped with far fewer resources to secure themselves. Counterintuitively, technical sophistication of malware used in these attacks is low, but the level of social engineering employed is high. Digital attacks against CSOs are persistent, adapting to targets in order to maintain access over time and across platforms. Targeted digital threats undermine CSOs’ core communications and missions in a significant way, sometimes as a nuisance or resource drain, more seriously as a major risk to individual safety. Targeted digital threats extend the “reach” of the state (or other threat actors) beyond borders and into “safe havens.” Remediation of the problem will require major efforts among several stakeholders, from the foundations that fund civil society, to the private sector, to governments. The full report, including links to data, can be found on the report's website at https://www.targetedthreats.net/ Links to individuals sections 1. Executive Summary https://targetedthreats.net/media/1-ExecutiveSummary.pdf 2.1. Extended Analysis - Summary, Methodology, Data Overview https://targetedthreats.net/media/2.1%20Extended%20Analysis-SMDA.pdf 2.2 Extended Analysis - Cluster Analysis https://targetedthreats.net/media/2.2%20Extended%20Analysis-Cluster.pdf 2.3 Extended Analysis - Civil Society https://targetedthreats.net/media/2.3%20Extended%20Analysis-CivilSociety.pdf 3. Further Reading https://targetedthreats.net/media/3-FurtherReading.pdf 4. Glossary https://targetedthreats.net/media/4-Glossary.pdf 5. Appendix https://targetedthreats.net/media/5-Appendix.pdf Data Release https://github.com/citizenlab/malware-indicators Media Globe and Mail http://www.theglobeandmail.com/news/national/state-sponsored-hackers-target-human-rights-groups-study-says/article21529014/ Reuters http://www.reuters.com/article/2014/11/11/china-cybercrime-civilliberties-idUSL1N0ST2XW20141111 Ronald Deibert Director, the Citizen Lab and the Canada Centre for Global Security Studies Munk School of Global Affairs University of Toronto (416) 946-8916 PGP: http://deibert.citizenlab.org/pubkey.txt http://deibert.citizenlab.org/ twitter.com/citizenlab [email protected]
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
