Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Amnesty International Canada Says It Was Hacked by Beijing

The Canadian branch of Amnesty International said Monday it was the target of a cyberattack sponsored by China.

The human rights organization said it first detected the breach Oct. 5 and hired forensic investigators and cybersecurity experts to investigate.

The Canadian branch of Amnesty International said Monday it was the target of a cyberattack sponsored by China.

The human rights organization said it first detected the breach Oct. 5 and hired forensic investigators and cybersecurity experts to investigate.

Ketty Nivyabandi, Secretary General of Amnesty International Canada, said the searches in their systems were specifically and solely related to China and Hong Kong, as well as a few prominent Chinese activists. The hack left the organization offline for nearly three weeks.

U.S. cybersecurity firm Secureworks said there was no attempt to monetize the access, and “a threat group sponsored or tasked by the Chinese state” was likely behind the attack because of the nature of the searches, the level of sophistication and the use of specific tools that are distinctive of China-sponsored actors.

Nivyabandi encouraged activists and journalists to update their cybersecurity protocols in light of it.

“As an organization advocating for human rights globally, we are very aware that we may be the target of state-sponsored attempts to disrupt or surveil our work. These will not intimidate us and the security and privacy of our activists, staff, donors, and stakeholders remain our utmost priority,” Nivyabandi said.

Amnesty is among organizations that support human rights activists and journalists targeted by state actors for surveillance. That includes confirming cases of activists’ and journalists’ cellphones being infected with Pegasus spyware, which turns the devices into real-time listening tools in addition to copying their contents.

In August, the cybersecurity firm Recorded Future listed Amnesty and the International Federation for Human Rights among organizations that Chinese hackers were targeting through password-stealing schemes designed to harvest credentials. It called that particularly concerning given the Chinese state’s “reported human rights abuses in relation to Uyghurs, Tibetans and other ethnic and religious minority groups.”

Advertisement. Scroll to continue reading.

Amnesty has raised alarms about a system of internment camps in China that swept up a million or more Uyghurs and other ethnic minorities, according to estimates by experts. China, which describes the camps as vocational training and education centers to combat extremism, says they have been closed. The government has never publicly said how many people passed through them.

China’s embassy in Ottawa did not immediately respond to a message seeking comment.

Related: Amnesty Links Indian Cybersecurity Firm to Spyware Attack on African Activist

Related: Amnesty Sounds Alarm Over Gulf, Norway Virus Apps

Related: Israel Court Rejects Amnesty Petition Against Spyware Firm NSO

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.