Cybersecurity

3 ways activists are being targeted by cyberattacks

A laptop being attacked.

Cybersecurity is paramount for activists – as these cautionary tales demonstrate. Image: Unsplash

Friedhelm Weinberg
Executive Director, HURIDOCS

When activists open their inboxes, they find more than the standard spam messages telling them they’ve finally won the lottery.

Instead, they receive highly sophisticated emails that look like they are real, purport to be from friends and invite them to meetings that are actually happening. The catch is: at one point the emails will attempt to trick them.

Phishing for accounts, not compliments

In 2017, the Citizen Lab at the University of Toronto and the Egyptian Initiative for Personal Rights, documented what they called the “Nile Phish” campaign, a set of emails luring activists into giving access to their most sensitive accounts – email and file-sharing tools in the cloud. The Seoul-based Transitional Justice Working Group recently warned on its Facebook page about a very similar campaign.

As attacks like these have mounted in recent years, civil society activists have come together to defend themselves, support each other and document what is happening. The Rarenet is a global group of individuals and organizations that provides emergency support for activists – but together it also works to educate civil society actors to dodge attacks before damage is done. The Internet Freedom Festival is a gathering dedicated to supporting people at risk online, bringing together more than 1,000 people from across the globe.

Have you read?

The emails from campaigns like Nile Phish may be cunning and carefully crafted to target individual activists, but they are socially sophisticated – they are not cutting-edge technology. Protection is stunningly simple: do nothing. Simply don’t click the link and enter information – as hard as it is when you are promised something in return.

Often digital security is about being calm and controlled as much as it is about being savvy in the digital sphere. And that is precisely what makes it difficult for passionate and stressed activists!

The million-dollar virus

Unfortunately, calm is not always enough. Activists have also been targeted with sophisticated spyware that is incredibly expensive to procure and difficult to spot. Ahmed Mansoor, a human-rights defender from the United Arab Emirates, received messages with malware (commonly known as computer viruses) that cost one million dollars on the grey market, where unethical hackers and spyware firms meet.

Rights defender Ahmed Mansoor in Dubai in 2011, a day after he was pardoned following a conviction for insulting UAE leaders. He is now in prison once more.
Rights defender Ahmed Mansoor in Dubai in 2011. Image: Reuters/Nikhil Monteiro
Shutting down real news with fake readers

Both phishing and malware are attacks directed against the messengers, but there are also attacks against the message itself. This is typically achieved by directing hordes of fake readers to the real news – that is, by sending so many requests through bot visitors to websites that the servers break down under the load. Commonly referred to as “denial of service” attacks, these bot armies have also earned their own response from civil society. Specialised packages from Virtual Road or Deflect sort fake visitors from real ones to make sure the message stays up.

A chart showing how distributed denial of service (DDoS) attacks have grown over time.
How distributed denial of service (DDoS) attacks have grown. Image: Kinsta.com; data from EasyDNS

Recently, these companies also started investigating who is behind these attacks – a notoriously difficult task, because it is so easy to hide traces online. Interestingly, whenever Virtual Road were so confident in their findings that they publicly named attackers, the attacks stopped. Immediately.

Online, as offline, one of the most effective ways to ensure that attacks end is to name the offenders, whether they are cocky kids or governments seeking to stiffle dissent.

But more important than shaming attackers is supporting civil society’s resilience and capacity to weather the storms. For this, digital leadership, trusted networks and creative collaborations between technologists and governments will pave the way to an internet where the vulnerable are protected and spaces for activism are thriving.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Related topics:
CybersecurityResilience, Peace and Security
Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

5 ways to achieve effective cyber resilience

Filipe Beato and Jamie Saunders

November 21, 2024

We asked 6 tech strategy leaders how they're promoting security and reliability. Here's what they said

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum