Amnesty International Canada claims attack by China-backed forces
Threat actors allegedly looking for contacts and monitoring org's future plans
The Canadian branch of Amnesty International was the target of an attack it has pinned on a Chinese state-sponsored actor.
The human rights organization said it could not find evidence of donor or membership data theft, but it was speaking publicly about the attack to "caution other human rights defenders on the rising threat of digital security breaches."
The attackers reportedly sought the organization's contacts and details of its future plans.
The org brought on cyber security and forensic experts to investigate and protect its systems after it detected suspicious activity in its IT infrastructure in early October.
"The investigation's preliminary results indicate that a digital security breach was perpetrated using tools and techniques associated with specific advanced persistent threat groups (APTs)," states Amnesty's assessment of the incident. The org added that infosec vendor Secureworks determined the attack was likely conducted at the direction of Beijing, thanks to the presence of telltale tools and behaviors associated with Chinese hack gangs.
- Amnesty International and French media protection org claim massive misuse of NSO spyware
- Pro-China crew ramps up disinfo ahead of US midterms. Not that anyone's falling for it
- This malware gang plants incriminating evidence on PCs, gets victims arrested
- China-linked Budworm burrows hole in US legislature systems
Amnesty secretary general Ketty Nivyabandi tweeted that the cyber attack knocked the org's Canadian office offline for nearly three weeks.
"As an organization advocating for human rights globally, we are very aware that we may be the target of state-sponsored attempts to disrupt or surveil our work," said Nivyabandi, adding that the group would not be intimidated by the act.
"We will continue to shine a light on human rights violations wherever they occur and to denounce the use of digital surveillance by governments to stifle human rights," declared Nivyabandi.
Amnesty International has been critical about China's human rights record and its use of surveillance tools. In September 2020, it released a report on European companies who sold surveillance tools to China's public security agencies and advocated a revision of EU export regulations to prevent subsequent human right abuses.
In June 2021, it signed an open letter calling for a global ban on biometric technologies that enable mass surveillance. China was one of the countries it said "harmed people's right to privacy and right to free assembly and association." The org further detailed that "the surveillance of ethnic and religious minorities and other marginalized and oppressed communities" in China "violated people's right to privacy and their rights to equality and non-discrimination."
Since the October cyber attack, Amnesty International has called on China to cease detaining protesters involved in recent demonstrations across the Middle Kingdom.
"Unfortunately, China's playbook is all too predictable. Censorship and surveillance will continue, and we will most likely see police use of force and mass arrests of protesters in the coming hours and days. Long prison sentences against peaceful protesters are also to be expected," lamented Hana Young, a director at Amnesty International.
"Amnesty International Canada's openness and transparency about recent events will undoubtedly help all organizations facing persistent and sophisticated threat actors. The more we create an environment in which organizations can share their experiences, knowledge and threat intelligence, the stronger the collective global cybersecurity industry becomes," Secureworks told The Register. ®