Human Rights NGO Amnesty International's Canadian branch recently disclosed it was a victim of a security breach likely perpetuated by a hacking group sponsored by China.
Amnesty International Canada and the cybersecurity firm it hired are still investigating if personal data from donors or members have been compromised.
Amnesty International Canada Security Breach Details
Amnesty International Canada reported on Dec. 6 that it became a target of a security breach on Oct. 5 caused by a hacking group sponsored by the Chinese state.
According to the organization's announcement, it first detected the breach when it noticed suspicious activity on its IT infrastructure. After this, it hired a team of forensic investigators and Secureworks, a cybersecurity firm, to investigate and take action against the hackers to protect its systems.
These investigators and cybersecurity experts believe at this point in their investigation that the hackers were unable to make away with the data the organization gathered about its donors and members. However, it is too early to know for certain, and as such, they will continue their investigation to confirm their beliefs.
What their investigation did find without a shadow of a doubt is that the security breach was done using tools and techniques connected with specific advanced persistent threat groups (APTs). It was these tools that helped Secureworks' cybersecurity experts to conclude that a threat group sponsored by the Chinese state was behind the breach.
Bleeping Computer reports that the attack was linked to a suspected Chinese threat group based on its tactics, techniques, and procedures, but the investigators have yet to reveal the threat group's identity as of press time.
Read More: SHEIN To Spend $15 million for Its Supply Factories After Questionable Labor Practices Found
Ketty Nivyabandi, Secretary General of Amnesty International Canada, wasn't surprised about the breach. According to a statement she made, Nivyabandi said that the organization is "very aware" it may be the target of state-sponsored attempts to disrupt or surveil its work since its organization is an advocate for human rights worldwide.
She also added that the security breach and other similar moves would not intimidate her and her colleagues, saying that the security and privacy of its activists, staff, donors, and stakeholders will always be her utmost priority.
"This case of cyberespionage speaks to the increasingly dangerous context which activists, journalists, and civil society alike must navigate today," she said. "Our work to investigate and denounce these acts has never been more critical and relevant. We will continue to shine a light on human rights violations wherever they occur and to denounce the use of digital surveillance by governments to stifle human rights."
Amnesty International's Involvement In China
Nivyabandi's lack of surprise at the attack is not surprising, either. Amnesty International has been publicly lambasting the Chinese government for its human rights violations, which include but are not limited to unfair trials, harrassment and intimidation, torture, and other ill-treatment for exercising the right to freedom of expression, among others.
It also published a lengthy article about the maltreatment of the Uyghur Muslims in the many internment camps of the Xinjiang province and other human rights violations the Chinese government is executing on its citizens to maintain stability, order, and power.
Related Article: New Azov Ransomware Can Wipe Your Data Clean - Here's What We Know
