Tuesday, December 2, 2014

Communities @ Risk - Targeted Digital Threats Against Civil Society

Civil society organizations (CSOs) that work to protect human rights and civil liberties around the world are being bombarded with persistent and disruptive targeted digital attacks—the same sort of attacks reportedly hitting industry and government. Unlike industry and government, however, civil society organizations have far fewer resources to deal with the problem.

Communities @ Risk: Targeted Digital Threats Against Civil Society, a report by the Citizen Lab, an interdisciplinary research laboratory based at the University of Toronto’s Munk School of Global Affairs, sheds light on an often overlooked digital risk environment.

This report is the culmination of a four year study involving ten civil society groups. Using a mixed methods approach combining malware analysis, interviews, and fieldwork, the study sought to gain greater visibility into the technical, social, and political nature of targeted digital threats. Data from both the technical and contextual aspects of the research inform the report’s main findings.
Main Findings
  • In the digital realm, CSOs face the same threats as the private sector and government, while equipped with far fewer resources to secure themselves.
  • Counterintuitively, technical sophistication of malware used in these attacks is low, but the level of social engineering employed is high.
  • Digital attacks against CSOs are persistent, adapting to targets in order to maintain access over time and across platforms.
  • Targeted digital threats undermine CSOs’ core communications and missions in a significant way, sometimes as a nuisance or resource drain, more seriously as a major risk to individual safety.
  • Targeted digital threats extend the “reach” of the state (or other threat actors) beyond borders and into “safe havens.”
1. Executive Summary: provides an overview of the research findings and recommendations for how stakeholder communities can respond to targeted digital threats.
Executive Summary

2. Extended Analysis: provides a comprehensive presentation of the study’s methodology, data, and results.
Extended Analysis

2.1 Summary, Methodology and Data Overview: describes our methodology for data collection and analysis and presents a high level overview of the dataset.
Methodology and Data Overview

2.2 Cluster Analysis: provides analysis of 10 distinct targeted malware campaigns. Five of these campaigns are connected to threat actors known to target government and industry.
Cluster Analysis

2.3 Civil Society Perspectives and Responses: reports on results from interview data and opens a window into how groups under threat think about and respond to digital threats.
Civil Society Perspectives

Appendix: In this section, we provide specific examples of emails that would be assigned targeting scores described in The Extended Analysis.

Data Release
Report Glossary
Further Reading
Media Kit
USENIX Security
Citizen Lab

A Project of The Citizen Lab, Munk School of Global Affairs, University of Toronto

No comments:

Post a Comment