Amnesty International Hong Kong can reveal it has been the target of a sophisticated state-sponsored cyber-attack, consistent with those carried out by hostile groups linked to the Chinese government.
The cyber-attack was first detected on 15 March 2019, when state-of-the-art security monitoring tools detected suspicious activity on Amnesty International Hong Kong’s local IT systems. Cyber security experts took immediate action to protect the systems and to commence an investigation into the attack.
The initial findings reveal the attacks were perpetrated using tools and techniques associated with specific advanced persistent threat groups (APTs). Cyber forensic experts were able to establish links between the infrastructure used in this attack and previously reported APT campaigns associated with the Chinese government.
Highly placed sources say that the attack was detected when the human rights group chose to migrate its IT assets to a more secure international network. And as a part of the scheduled upgrade, auditing was conducted in which the fact that the equipment was sending data to remote servers located in China was detected.
IT experts identified the infiltration on March 15th of this year but chose to issue a public update after mentioning the same to the headquarters based in the United Kingdom.
Cybersecurity experts say that the equipment used in the Amnesty International’s Hong Kong office was supplied by a company which is being funded by Chinese intelligence. That means, all the whereabouts of the activity carried out on the IT infrastructure was probably being spied by the government of China.
APT Group aka Advanced Persistent Threats(APTs) cyber group has come under the scanner of western governments plenty of times. It was/is facing allegations of carrying corporate and political espionage overseas, which the group has denied so far.
“It’s an attack on the civil society and the NGO Community. And we are against such outrageous attempts to harvest information which is a clear cut violation of human rights”, said Man-Kei Tam, Director of Amnesty International Hong Kong.
The investigation is still going on and the criminals behind the incident will be tracked down. He assured that no financial information was compromised in the cyber incident.