The US cybersecurity agencies caution against escalating threats from nation-state cyber actors targeting civil society worldwide, highlighting Russia, China, Iran, and North Korea as the primary perpetrators. These malicious operations primarily aim at non-governmental organizations, think tanks, human rights advocates, and journalists, aiming to undermine democratic values. Lacking robust IT support and cyber hygiene, many civil society groups are vulnerable to cyberattacks, exposing them to intimidation, coercion, and surveillance.
Cyber attackers frequently exploit insecure communication channels used by journalists and dissidents, employing tactics like social engineering to gain unauthorized access. State-sponsored hacking groups, such as North Korea’s Velvet Chollima and China’s Mustang Panda, install spyware on compromised devices to conduct extensive surveillance, including location tracking and file access. The US agencies emphasize the significant cyber threat to civil society, urging enhanced cybersecurity measures and resources to combat these attacks effectively.
The advisory provides a comprehensive overview of the cyber threats faced by civil society organizations, offering insights from various cybersecurity industry reports. Despite limited resources, civil society groups are encouraged to adopt mitigation strategies outlined in the advisory and collaborate with law enforcement to counter cyber threats effectively. The recognition of this pervasive cyber threat marks a crucial step in mobilizing support and resources to safeguard civil society against state-sponsored cyber aggression.
Reference:
