Canada’s cyberspy agency says countries like Russia and China are increasingly targeting non-profit and advocacy groups, as well as journalists and human rights activists.
The Communications Security Establishment issued the warning on May 14 in a joint advisory with the United States, the United Kingdom, Japan, Estonia and Finland.
The advisory says “industry reporting indicates a consistent pattern of state-sponsored cyber actors targeting specific segments of civil society.”
CSE’s Canadian Centre for Cyber Security says in a release there is a growing online threat to civil society, which is at “high risk.”
The advisory identifies the threat as “predominantly” coming from Russia, China, Iran and North Korea.
Targeted civil society groups also include academic, cultural and diaspora organizations, as well as individuals working to advance democracy.
“Often, these organizations and their employees are targeted by state-sponsored threat actors who seek to undermine democratic values and interests,” the advisory says.
The advisory warns that threat actors are using increasingly personalized and subversive tactics, and devoting significant resources to researching their targets.
It says threat actors “compromise organizational or personal devices and networks to intimidate, silence, coerce, harass, or harm civil society organizations and individuals.”
Actors often gain access to networks and devices by using social engineering, which “lures victims to divulge account credentials or download malware,” or by having targets download apps that seem legitimate but actually include malicious software.
“After gaining access to devices, actors often install spyware on the devices,” it says.
Those targeted often have a low capacity to defend themselves—for instance, due to a lack of internal IT support.
“Individuals that fall under the civil society umbrella often rely on insecure channels for communication and need to manage public profiles to advance their work,” the advisory cautions.
“Organizations with low defence capacity are ill-prepared for and vulnerable to common cyberthreats, such as social engineering attempts.”