Site icon IT World Canada

Tech sector urged to help rights groups suffering cyber attacks

data security,privacy,security

Image courtesy of Shutterstock.com

A Toronto-based organization focusing on information technology and communications research is calling on software and technology companies to assist human rights groups around the world that are being bombarded with cyber attacks.

Just like large corporations and government agencies, so called civil society organizations (CSOs) face a barrage of persistent and disruptive targeted computer attacks. However, CSOs have far fewer resources to repel and deal with these assaults that pose a risk to civil rights and democracy around the world, according to the Communities @ Risk report by the Citizen Lab, an interdisciplinary research laboratory based at the University of Toronto’s Munk School of Global Affairs.

“We have observed that CSOs are often stuck in least-common denominator models of organizational security because thet are unable to standardize software prducts and devices across their organizations,” the report said. “This lack of sofware adaptability makes it hard to create a security policy or consitent set of security guidelines within the organization.”

Over the course of four year, Citizen Lab researchers conducted a study involving 10 civil society groups. The researchers used malware analysis, field work and interviews to determine the technical, social and political nature of the digital threats the organizations faced.

They found that many tools and software used by CSOs are often conterfeit and expired, a practice that leads such organizations to avoid systems updates. Many use free versions of tools and packages that typically have lowe levels of secrity compared to their for-sale counterparts.

The U of T-based organization is urging technology companies to consider either lending developers and techniians to CSOs to help them develop better cyber security systems and policies or contribute resources to these organizations.

“As a first step, we encourage technolgy companies to consult staff and management to ascertain interest in pro bono programs, and begin thinking through the other benefits, but also reputational risks and how they might be migigated,”according to the Citizen Lab. “Many developers and technologists would likely find it rewarding and meaningful to contribute time and resources to CSOs with the support and approval
of their employers.”

Other key findings of the study were:

Many organiozations receive emails emails that actually contained file attachments with malware that exploit flaws in programs such as Adobe’s PDF Reader and Microsoft Office. The malware enables attackers to access computers in the offices of the target CSOs and turn the machines into spying devices that steal files, record keystrokes and turn on computer Webcams and microphones.

“The tech sector has substantial resources that can be tapped,” according to the Citizen Lab. “As the sector professionalizes, as with law and medicine, it is time to examine pro bono models of support for digital security assistance to civil society.”

Exit mobile version