... The state of targeted attacks against civil society

https://www.nsec.io/2016/04/not-safe-organizing-state-targeted-attacks-civil-society/

Groups that work to protect human rights and civil liberties around the world are under attack by the many of the same attackers who target industry and government. These groups and organizations have far fewer resources to defend themselves, yet the stakes of the attacks are often much higher. This talk will give an update on the state of affairs, emphasizing two cases drawn from CItizen Lab’s recent work: attacks against the Tibetan community, and the Packrat group in Latin America.

The Tibetan community has been targeted for over a decade, and is engaged in a longstanding cat and mouse game with well-resourced attackers. Packrat is an attack group active for over eight years in several Latin American countries, and mixes malware and credential theft with large scale disinformation operations to target journalists, human rights campaigners, and politicians. Both cases have hallmarks of state sponsorship. We will begin by giving a window into victims and targets, discussing how they attempt to secure themselves, and the consequences of the attacks for their communities. Then we will pivot to describing attackers’ Tactics, Techniques and Procedures (TTPs), focusing on technologies, and social engineering strategies. We’re going to wrap up by highlighting where we see the trend of attacks going (new technologies, new tactics, larger scale), and speak to what you can do as security researchers to help, without quitting your day job.