[liberationtech] Citizen Lab New Report
Ronald Deibert
r.deibert at utoronto.ca
Tue Nov 11 05:28:41 PST 2014
Hi LibTech
I am pleased to announce a new Citizen Lab publication, Communities @ Risk: targeted digital threats against civil society.
Communities @ Risk is the culminating report of a multi-year, multi-group study on targeted digital threats. We define targeted digital threats as persistent attempts to compromise and infiltrate the networked devices and infrastructure of specific individuals, groups, organizations, and communities.
The study involved 10 civil society organizations (CSOs) that shared suspicious emails, network traffic, and other data with Citizen Lab researchers who conducted detailed, confidential analysis. Citizen Lab researchers also paid site visits to the participating CSOs and interviewed them about their perceptions and the impacts of the digital attacks on their operations.
Data from both the technical and contextual aspects of the research informs the report’s Key Findings:
In the digital realm, CSOs face the same threats as the private sector and government, while equipped with far fewer resources to secure themselves.
Counterintuitively, technical sophistication of malware used in these attacks is low, but the level of social engineering employed is high.
Digital attacks against CSOs are persistent, adapting to targets in order to maintain access over time and across platforms.
Targeted digital threats undermine CSOs’ core communications and missions in a significant way, sometimes as a nuisance or resource drain, more seriously as a major risk to individual safety.
Targeted digital threats extend the “reach” of the state (or other threat actors) beyond borders and into “safe havens.”
Remediation of the problem will require major efforts among several stakeholders, from the foundations that fund civil society, to the private sector, to governments.
The full report, including links to data, can be found on the report's website at https://www.targetedthreats.net/
Links to individuals sections
1. Executive Summary
https://targetedthreats.net/media/1-ExecutiveSummary.pdf
2.1. Extended Analysis - Summary, Methodology, Data Overview
https://targetedthreats.net/media/2.1%20Extended%20Analysis-SMDA.pdf
2.2 Extended Analysis - Cluster Analysis
https://targetedthreats.net/media/2.2%20Extended%20Analysis-Cluster.pdf
2.3 Extended Analysis - Civil Society
https://targetedthreats.net/media/2.3%20Extended%20Analysis-CivilSociety.pdf
3. Further Reading
https://targetedthreats.net/media/3-FurtherReading.pdf
4. Glossary
https://targetedthreats.net/media/4-Glossary.pdf
5. Appendix
https://targetedthreats.net/media/5-Appendix.pdf
Data Release
https://github.com/citizenlab/malware-indicators
Media
Globe and Mail
http://www.theglobeandmail.com/news/national/state-sponsored-hackers-target-human-rights-groups-study-says/article21529014/
Reuters
http://www.reuters.com/article/2014/11/11/china-cybercrime-civilliberties-idUSL1N0ST2XW20141111
Ronald Deibert
Director, the Citizen Lab
and the Canada Centre for Global Security Studies
Munk School of Global Affairs
University of Toronto
(416) 946-8916
PGP: http://deibert.citizenlab.org/pubkey.txt
http://deibert.citizenlab.org/
twitter.com/citizenlab
r.deibert at utoronto.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20141111/54179b32/attachment.html>
More information about the liberationtech
mailing list