Amnesty International Hong Kong has said it has been targeted by state-sponsored hackers, in a cyber-attack similar to those carried out by groups linked to the Chinese government.
The human rights organisation said on Thursday that suspicious activity on its local IT systems was detected on March 15 and a team of cyber forensic experts were brought in. They declined to provide further details on the nature of the suspected hack owing to an ongoing investigation, but told HKFP the campaign goes back “several years.” According to their initial findings, the campaign’s infrastructure was linked to other advanced persistent threat groups (APTs) associated with Beijing.
APTs are a form of cyber-attack commonly associated with state agents owing to the high degree of skill and resources deployed throughout. Amnesty said the tactics used against its servers were consistent with that of a “well-developed adversary.”
The cyber-attack reportedly occurred at a time when Chinese authorities were attempting to prevent cooperation between international and domestic NGOs. In 2017, the government implemented a sweeping foreign NGO law that sought to squeeze activities considered to be “endangering national security.”
The alleged hack comes at a time when Beijing faces increased accusations of spying from foreign governments. Multiple governments have banned the use of equipment from Chinese telecommunications giants Huawei and ZTE by its departments, citing national security concerns. China has fiercely denied such allegations.
Personal data ‘protected’
A global task force of cyber forensic and security experts was set up to deal with the threat, according to Amnesty.
Man-kei Tam, director of Amnesty International Hong Kong, said in a statement that organisation took swift action to protect the data of its partners: “This sophisticated cyber-attack underscores the dangers posed by state-sponsored hacking and the need to be ever vigilant to the risk of such attacks. We refuse to be intimidated by this outrageous attempt to harvest information and obstruct our human rights work,” he added.
Hong Kong’s Office of the Privacy Commissioner for Personal Data (PCPD) confirmed with HKFP that Amnesty had notified it of a potential data breach on Thursday.
In a written statement, Stephen Kai-yi Wong, privacy commissioner for personal data at the PCPD, told HKFP his organisation has initiated a compliance check to gather further details on the incident, including the cause of the data breach and possible follow up actions.
“All organisations are obliged to take effective security measures to protect the personal data of users and employees from unauthorised access or use. Failure to do so may amount to a contravention of the personal data security principle under the Personal Data (Privacy) Ordinance,” Wong added.
A spokesperson for Amnesty told HKFP that no financial information of donors was targeted.
“We will publish a technical report including indicators of compromise when the investigation has concluded,” they added.
Last August, Amnesty revealed that one of its staff members had been subject to attempted surveillance, identified as part of Pegasus – a sophisticated spyware platform sold by the Israeli surveillance vendor, NSO Group.
Update 21:30: A statement from Hong Kong’s Office of the Privacy Commissioner for Personal Data was added.
The Hong Kong Free Press #PressForFreedom 2019 Funding Drive seeks to raise HK$1.2m to support our non-profit newsroom and dedicated team of multi-media, multi-lingual reporters. HKFP is backed by readers, run by journalists and is immune to political and commercial pressure. This year’s critical fundraiser will provide us with the essential funds to continue our work into next year.