At least this stage of the conflict will be largely out in the open without easy recourse to plausible deniability. That suggests that something may be learned that we can count on elsewhere.
Hong Kong's real defense is the promise of a public reaction that will not respond to government attempts to control. Thus we have serious hesitancy.
I do not know where this activism will end but it is confronting power successfully. The message is getting out and i suspect it is also getting out in China.
.
A Cyberwar Quietly Rages Over Hong Kong
While protesters clash with police on the streets of Hong Kong,
an unseen battle is being fought on the Internet. A conflict between
hackers and the Chinese government is running quietly alongside what
takes place on the streets.
In unusually sophisticated attacks that analysts believe are coming
from the Chinese regime, hackers are infiltrating the phones, tablets,
and computers of pro-democracy activists in Hong Kong. The breaches
allow them not only to know what the protesters are planning ahead of
time, but will enable them to monitor the activists even after the
protests end.
The shadowy world of hackers isn’t just on the side of the Chinese
regime. Hackers in security are hard at work shining a light on the
Chinese regime’s cyberattacks. Hacker activists, meanwhile, are also
hard at work launching attacks on Chinese government websites and
calling for support of the democracy activists on social media.
Infiltration for Spying
Steven Adair, CEO of security company Volexity, is currently
investigating a set of targeted cyberattacks in Hong Kong designed to
infect computers of people visiting pro-democracy websites.
His findings so far, along with findings from other researchers, create a disturbing picture.
“It looks like someone is trying to infect and keep tabs on all
pro-democracy people in Hong Kong,” Adair said in a phone interview.
Volexity has been tracking an advanced cyberattack for the last few
months, which is targeting websites in Hong Kong and Japan. A summary of
their findings states, “In both countries, the compromised websites
have been particularly notable for their relevance to current events and
the high profile nature of the organizations involved.”
“In particular the Hong Kong compromises appear to come on the heels
of the Occupy Central Campaign shifting into high gear,” it states.
The attack works through websites that have been infected by hackers,
and if a user visits the sites it will install malware on their
devices. Among the websites it has appeared on are the English and
Chinese-language websites for the Democratic Party Hong Kong.
What makes the attack particularly interesting, however, is advanced code that filters which users it infects.
“What it tells us is it’s less likely they made a mistake, but rather
they had more data on who they wanted to exploit,” Adair said, adding
“They’re interested in what you’re browsing and what kind of documents
you have on your system. Those kinds of things.”
Smartphone Attacks
The attack through the democracy websites was not the first aimed at the protesters.
Two different attacks on Hong Kong democracy protesters were
uncovered on Sept. 30 by researchers at Lacoon Mobile Security. What
they found were advanced attacks on smartphones and tablets tailored to
target democracy activists in Hong Kong.
According to Michael Shaulov, CEO of Lacoon Mobile Security, the
Chinese regime has plenty of incentive to hack smartphones since “you
are able to track communications over the device itself and gain access
to real-time information.”
Consider that smartphones also have GPS trackers, microphones,
cameras, and are carried by people just about everywhere—including
during important meetings—and you have the perfect device to spy on.
“If you’re a government actor, getting your hands on this type of
information is really more powerful than getting information on
laptops,” Shaulov said. “For the purpose of spying it’s probably the
perfect tool.”
People with Android smartphones
in Hong Kong started receiving messaging saying “Check out this Android
app designed by Code4HK for the coordination of OCCUPY CENTRAL!”
The note sent on mobile messaging tool WhatsApp likely came off as
legitimate. Code4HK is a community of programmers who have been
developing technology to help in the democracy protests.
If a user clicked on the link, according to Lacoon Mobile Security,
it would install an advanced tool called an mRAT that allows a hacker
nearly full access to their phones.
The researchers states on their blog, the mRAT “is undoubtedly one of
the more advanced we’ve seen. It can extract almost anything it wants
from the device, making it an extremely versatile method of surveillance
…” It gives the hacker access to email, call logs, and the user’s
location, among other things.
The researchers add that they believe the Chinese regime is behind
the attacks, and note it is “also a very advanced mRAT that is
undoubtedly being backed by a nation state.”
The
attack on Android phones wasn’t isolated. The attack was launched
side-by-side with a nearly identical mRAT targeting iOS users with
iPhones and iPads.
This took the researchers by surprise, Shaulov said, because hackers
interested in money will rarely take the trouble to breach an iOS
device.
The iOS version of the virus, which researchers at Lacoon Mobile
Security called Xsser mRAT, works and was spread similarly to the
Android virus, but it only affects jailbroken devices—devices in which
the operating system has been modified by the user, removing certain
restrictions and allowing manufacturer-prohibited software to be
uploaded.
Considering that at least 30 percent of iPhones in China were jailbroken in 2013, according to Tech In Asia, the reach of the virus could still be broad.
Shaulov said they’ve only seen one other attack that went after both
Android and iOS devices simultaneously, and noted the iOS attack used a
“very sophisticated and very polished piece of malware.”
On Oct. 20, another cyberattack was uncovered, this one targeting Apple iCloud.
Researchers at GreatFire.org said Chinese authorities are launching
attacks that give them usernames and passwords for iCloud accounts,
which would then give them access to data such as photos, videos, and
contacts.
According to an analysis of the attack from GreatFire.org, the attack
may “be related again to images and videos of the Hong Kong protests
being shared on the mainland.”
Hactivists
The logo of hacker collective Anonymous is shown in a promotional image. Anonymous has been launching cyberattacks against the Chinese regime to support democracy protests in Hong Kong. (Anonymous)
While people in the cybersecurity industry are busy exposing attacks,
activist hackers are busy launching attacks they say are meant to
support people of Hong Kong protesting for democracy.
On Oct. 18, members of the hacker collective Anonymous launched
coordinated attacks against Chinese government websites, after they
officially declared cyberwar on the regime in an Oct. 15 video
announcement.
According to Strudalz, a prominent member of Anonymous, the attacks
“show it’s possible to break their regime down. They are only as strong
as the people allow them to be.”
The attacks, which targeted more than 150 websites, were the latest
in “Operation Hong Kong,” launched by Anonymous in early October to
support democracy protests in Hong Kong.
The largest attacks took place on Oct. 11 when members of Anonymous
leaked databases from 51 Chinese-government websites, which contained
tens of thousands of usernames and passwords, phone numbers, and other
information.
Hackers with Anonymous were also launching distributed denial of
service (DDoS) attacks on Chinese government websites, which can
overload the sites with artificial traffic and take them offline.
The cyberattacks from Anonymous seem to be more symbolic than
anything. Some Chinese netizens have pointed out that few people in
China visit the Chinese government websites they’re attacking.
But the attacks have irked the Chinese regime. The International
Business Times reported on Oct. 6 that Chinese authorities had arrested
five suspected hackers with Anonymous aged between 13 and 39.
The Chinese regime’s Hong Kong Liaison Office told Reuters “This kind
of Internet attack violates the law and social morals, and we have
already reported it to the police.”
On a deeper level, the protests in Hong Kong are an ideological challenge to the Chinese Communist Party (CCP).
The protests are being led by a belief in democracy and freedom, and
the CCP is trying to discredit those principles by labeling the movement
as something instigated by foreign governments, with ill intent toward
China.
A large part of the CCP’s efforts to quash the protests have likewise
taken place through propaganda channels. News agencies in China have
been using two propaganda lines: one that the protests are instigated by
foreign forces, and another that nobody is really joining the protests
anyway.
Meanwhile, the CCP has been hard at work trying to silence
independent media in Hong Kong, and its online censors have been working
double-time to remove online blog posts and comments that support the
protests.
With “Twitterstorms” Anonymous has been countering the CCP’s
censorship by spreading articles and information about the protests.
The people of Hong Kong have responded. Protesters often hold up
signs thanking Anonymous for its support and regularly Tweet photos of
them doing so.
Anonymous views the DDoS attacks and the stealing of the Chinese
regime’s databases as the 21st century version of a sit-in. In the
virtual landscape of the Internet, it is staging its own “occupation.”
Parallel to the real world one in Hong Kong, its occupation also calls
attention to the demand for democracy.
No comments:
Post a Comment