China link alleged in hackingLocal | Stella Wong 26 Apr 2019
Amnesty International's Hong Kong office has been hit by a years-long cyber attack from hackers with known links to the Chinese government, the human rights group said yesterday.
The hackers attempted to collect information on the group in order to obstruct its humanitarian work.
Such information may involve personal details, including the names and contact information of the group's supporters and members, a spokeswoman said.
However, according to the initial findings of its own global task force, it was revealed that no bank account and credit card information was accessed, she said.
The group has already reported the case to the Office of the Privacy Commissioner for Personal Data, and sent e-mails and letters to inform those whose details may have been put at risk.
Amnesty said it first detected its systems had been compromised on March 15, when its Hong Kong office migrated its IT infrastructure to the group's more secure international network as part of a scheduled upgrade.
The group brought in a team of experts to investigate the cyber attack.
"Cyber forensic experts were able to establish links between the infrastructure used in this attack and previously reported [advanced persistent threats] campaigns associated with the Chinese government," the group said.
APTs are the most complex and effective hacks that deploy significant know-how and resources, and are usually carried out by, or on behalf of, a state.
China has long been accused by western governments, businesses and cyber analysts of using APT groups to carry out corporate and political espionage, as well as pursue critics and opponents overseas.
It has denied these allegations.
Amnesty said its investigations pointed to "a known APT group" which used "tactics, techniques and procedures consistent with a well developed adversary."
It declined to name the group, saying the probes are still ongoing, but added it would release a technical report later .
"This sophisticated cyber-attack underscores the dangers posed by state-sponsored hacking and the need to be ever vigilant to the risk of such attacks," said Tam Man-kei, director of Amnesty International Hong Kong. "We refuse to be intimidated by this outrageous attempt to harvest information and obstruct our human rights work."
Tam said experts are still trying to figure out when the attack began, but they believe the systems have been compromised for some time.
Civil and rights groups in the SAR are already on edge about what they say are fading freedoms in the financial hub.
Joshua Rosenzweig, acting head of Amnesty's East Asia Regional Office, which is also based here, said civil society is clearly a target when it comes to state-sponsored cyber attacks.