The Hong Kong branch of Amnesty International has reportedly been the target of a sophisticated state-sponsored attack believed to have been carried out by a group of hostile threat actors within the Chinese government.
An April 25 press release from Amnesty International said the cyber-attack was detected on March 15, 2019, after monitoring tools identified suspicious behavior in the IT systems of Amnesty International Hong Kong.
Though the organization is not able to give specific details about the suspected cyber-criminals, the indicators of compromise identified at this stage are consistent with a well-developed adversary, according to the press release. Initial findings of cyber-forensic investigators suggest that the attackers used similar tools and techniques known to be associated with advanced persistent threat (APT) groups within the Chinese government.
“This sophisticated cyber-attack underscores the dangers posed by state-sponsored hacking and the need to be ever-vigilant to the risk of such attacks. We refuse to be intimidated by this outrageous attempt to harvest information and obstruct our human rights work,” said Man-kei Tam, director of Amnesty International Hong Kong, in the press release.
“The privacy and safety of all those we work with remains our priority. We took swift action to secure our systems and have provided guidance to help individuals ensure their personal data is protected. We take the privacy of our supporters’ information extremely seriously. We have contacted all individuals whose details may have been put at risk and urge anyone concerned to get in touch,” Tam said.
Human rights defenders have been the target of multiple attacks across the globe, and Amnesty International revealed that its staff members have been targeted with surveillance attempts in the aftermath of a 2016 law granted Chinese authorities to restrict the work of human rights activists, the press release said.