U.S. cybersecurity firm Secureworks said “a threat group sponsored or tasked by the Chinese state” was likely behind the attack because there was no attempt to monetize the access, the nature of the searches, the level of sophistication and the use of specific tools which are distinctive of China-sponsored actors.
Nivyabandi encouraged activists and journalists to update their cybersecurity protocols in light of it.
“As an organization advocating for human rights globally, we are very aware that we may be the target of state-sponsored attempts to disrupt or surveil our work. These will not intimidate us and the security and privacy of our activists, staff, donors, and stakeholders remain our utmost priority,” Nivyabandi said.
Amnesty is among organizations that support human rights activists and journalists targeted by state actors for surveillance. That includes confirming cases of activists’ and journalists’ cell phones being infected with Pegasus spyware, which turns the devices into real-time listening devices in addition to copying their contents.
In August, the cybersecurity firm Recorded Future listed Amnesty and the International Federation for Human Rights among organizations that Chinese hackers were targeting through password-stealing schemes designed to harvest credentials. It called that particularly concerning given the Chinese state’s “reported human rights abuses in relation to Uyghurs, Tibetans and other ethnic and religious minority groups.”
Amnesty has raised alarms about a system of internment camps in China that swept up a million or more Uyghurs and other ethnic minorities, according to estimates by experts. China, which describes the camps as vocational training and education centers to combat extremism, says they have been closed. The government has never publicly said how many people passed through them.
China’s embassy in Ottawa did not immediately respond to a message seeking comment.
AP writer Frank Bajack in Boston contributed to this report.