Targeting the Oppressed An Overlooked Aspect of Cyberattacks

Image source: Pixabay, an interesting guest post highlighting the impact of cyberattacks on oppressed groups.

This August, Google’s Project Zero reported the discovery of a number of hacked websites across the Net. Those malicious websites were used to conduct watering hole attacks on iOS users who visited them. According to Project Zero, some exploit chains had been in use since 2016.

While any cyberattack is dangerous and reprehensible, one thing stands out about this one in particular: the potential and desired targets of it.

Why the oppressed can be affected disproportionately

The reason why this long-lasting attack was so nasty is that the hackers had other goals than simply enriching themselves. Of course, stealing money through the Internet is nothing to be praised, and has to be condemned.

However, such scams and breaches are so common they have essentially become part and parcel of today’s online world. Sometimes, we may even laugh at the creativity of the latest Internet scam and exercise our own creativity by envisioning countermeasures to it.

But this recent iPhone vulnerability exploit is no laughing matter.

It became known that it was very likely carried out by the Chinese surveillance agencies to profile Uyghur activists.

The Uyghurs are a Turkic-speaking, predominantly Muslim minority living in Western China. Unfortunately, today they are mostly known for being oppressed by the Chinese government for having a culture other than the officially promoted and approved one.

The question of religion is another apple of discord. Despite the Chinese Constitution proclaiming freedom of religion, in reality, this principle is often violated under the premise of upholding the public order and preventing radicalization.

It was not the first time the Uyghurs were being targeted by a cyberattack. Back in 2012, there were reports of the Mac Control RAT Trojan being used specifically against this minority as well as the Tibetans, another persecuted ethnic group.

A year later, a similar story unfolded, this time using an exploit in Adobe.

The dominant ideology in China is Communism, imposed by the CCP. Any other ones, including religious doctrines, are seen as its rivals. Besides that, the Uyghurs, just like the other Turkic minorities as well as the Tibetans, have a strong sense of national identity – the identity that isn’t Chinese.

This makes the government look at minorities with suspicion. No power ever wants to be challenged, so the government employs various tactics of suppressing any possible dissidents, both in real life and online.

The danger of the Internet attacks such as the one described above is huge. Despite the vulnerabilities having been patched, thousands of activists have very likely been profiled by the government. It poses a real-life threat to them, as a practice of sending ethnic and religious minorities to “reeducation camps” exists in China.

In such camps, Uyghurs are forced to speak Chinese and sing Chinese songs, reject their national and religious identity, criticize themselves for belonging to their nationality and even participate in forced labor.

No amount of international pressure, be it by simple protesters or the UN, has so far dissuaded the Chinese government from such persecution. Sadly, it seems that it is up to the minorities to protect themselves from the state spying on them.

It was a Tibetan Buddhist monk who coined the rule “detach from attachments” in regards to email security in 2014. Malicious attachments are indeed one of the methods of infecting a system with spyware employed by the Chinese hackers, so not opening them is a good piece of advice.

Related to it, individuals and organizations that may be targeted by the government-backed cybercriminals should always double-check senders of all emails they get to make sure they are not coming from impersonators. Not clicking any links sent by email before hovering the mouse cursor over them to check if they actually lead where they say they do is another good cybersecurity habit to develop.

Watering hole attacks, however, are not so easy to spot because hackers prefer to infect legitimate sites that do not raise suspicions of either a user or their antivirus. The recently found hacked websites have been in operation for several years before being shut down.

Not letting the government know what websites members of a targeted community frequent can be an important step to prevent watering hole attacks. If there’s no information that a minority group uses a particular site often, there’s little reason to hack it. It can be achieved by  disguising the visitors’ real IP addresses through various means.

It’s necessary to keep one’s security software up-to-date. It is true for any Internet user anywhere, but especially for people living under oppressive regimes.

This alone is hardly sufficient, though. A good idea to complement other security measures is to access the Internet through a virtual machine to minimize the risks.

We can only hope that the situation will improve for the minorities in China and other states with similar “assimilation” policies. Until it does, though, the persecuted groups need to be constantly aware of all new cyberthreats that may target them.

About the author:

Dean Chester – cybersecurity enthusiast and online privacy fighter. He knows about restrictions and hacking attacks firsthand and is ready to share knowledge with non tech-savvy users.

See more cyber security stories here.

More information about Irish Tech News and the Business Showcase

FYI the ROI for you is => Irish Tech News now gets over 1.5 million monthly views, and up to 900k monthly unique visitors, from over 160 countries. We have over 860,000 relevant followers on Twitter on our various accounts & were recently described as Ireland’s leading online tech news site and Ireland’s answer to TechCrunch, so we can offer you a good audience!

Since introducing desktop notifications a short time ago, which notify readers directly in their browser of new articles being published, over 16000 people have now signed up to receive them ensuring they are instantly kept up to date on all our latest content. Desktop notifications offer a unique method of serving content directly to verified readers and bypass the issue of content getting lost in people’s crowded news feeds.

Drop us a line if you want to be featured, guest post, suggest a possible interview, or just let us know what you would like to see more of in our future articles. We’re always open to new and interesting suggestions for informative and different articles. Contact us, by email, twitter or whatever social media works for you and hopefully we can share your story too and reach our global audience.

Irish Tech News

If you would like to have your company featured in the Irish Tech News Business Showcase, get in contact with us at [email protected] or on Twitter: @SimonCocking

Comments are closed.