World Uyghur Congress an “Easy Target” for Hackers

World Uyghur Congress an “Easy Target” for Hackers

At Ars Technica, Robert Lemos reports that outdated software helps make a prominent exile Uyghur group a soft target for state-sponsored hacking:

In a paper to be delivered at the USENIX Security Conference next week, six academic researchers analyzed nearly 1,500 suspicious e-mail messages targeting the World Uyghur Congress (WUC). The team found that, while the malware managed to reliably evade detection by many antivirus programs, the attacks were relatively unsophisticated, using known vulnerabilities that had already been patched. The social engineering tactics, however, were very targeted and convincing, with the majority written in the native language, referring to events of interest to the NGO and appearing to come from known contacts, said Engin Kirda, a professor of computer science at Northeastern University and a co-author of the paper.

[…] Organizations that believe they could be targeted by such attacks should take more concrete steps to protect themselves. Upgrading systems to more modern operating systems and regularly patching those systems can help immensely, Kirda said. [Source]

The Tibetan exile community has also been a major target of both electronic and traditional surveillance.

CDT EBOOKS

Subscribe to CDT

SUPPORT CDT

Unbounded by Lantern

Now, you can combat internet censorship in a new way: by toggling the switch below while browsing China Digital Times, you can provide a secure "bridge" for people who want to freely access information. This open-source project is powered by Lantern, know more about this project.

Google Ads 1

Giving Assistant

Google Ads 2

Anti-censorship Tools

Life Without Walls

Click on the image to download Firefly for circumvention

Open popup
X

Welcome back!

CDT is a non-profit media site, and we need your support. Your contribution will help us provide more translations, breaking news, and other content you love.