Modern field guide to security and privacy

The human cost of surveillance

Often, activists, dissidents, and journalists are victims of government spying. And it can happen with one click.

Illustration by Alicia Tatone

Greg Scarlatoiu stared at his computer in disbelief. It was about 4 a.m. on April 20, 2016, and Mr. Scarlatoiu — an early riser — had just brewed a cup of coffee. He logged onto his ASUS laptop and immediately noticed the computer’s media player had been opened 51 times, along with a single Microsoft Word document titled “Assad,” a reference to Syrian President Bashar al-Assad.

Sitting in a Buenos Aires hotel room that morning, the executive director of the Committee for Human Rights in North Korea realized he had been hacked. “The first time I saw it, I was not 100 percent sure that somebody had hacked into my computer,” Scarlatoiu said. “Freaky things happen, you’ve seen basically computers act up.”

But Scarlatoiu — whose committee of US-based foreign policy specialists promotes human rights in North Korea and fights to increase citizen access to information — has been a victim of hacking before. In March 2013, his committee’s website had been vandalized by North Korea as a result of a massive cyberattack meant for targets in South Korea. A banner reading “Hitman 007—Kingdom of Morocco” was placed on all sections of the website. It took 10 hours to remove. The meaning behind the digital graffiti remains a mystery.

So, in April, he knew what to do. First, he contacted his security team. They told him his computer had been remotely accessed and he had to stop using it, remove the battery, and get a new laptop. He complied. “You feel vulnerable,” he said. “You always wonder whether there’s something you could have done to stay safer. You always wonder whether you made a mistake, you should’ve been more careful.

“It’s a temporary feeling of vulnerability and insecurity that eventually has to go away very quickly because you have to take quick and prompt action, make sure you protect yourself, make sure you protect others.”

Over the past several years, governments around the world have increasingly turned to hacking tools as ways to effectively spy on activists, journalists, and other high-value targets. In particular, governments that do not have freedom of speech protections in place — such as North Korea — are honing in on rights groups that may operate in the West. Repressive regimes sometimes view those groups as threats or as assets that hold valuable information on dissidents and other political activists.

“You feel vulnerable. You always wonder whether there’s something you could have done to stay safer.” - Greg Scarlatoiu

Like Scarlatoiu’s organization, many of these rights groups have few digital protections in place to protect against cyberattacks nor the financial resources to keep themselves safe online, said John Scott-Railton, a senior researcher with the Citizen Lab at the University of Toronto’s Munk School of Global Affairs.

Mr. Scott-Railton said the technology needed to target activists and groups is “the bare minimum,” and more often than not, victims are targeted with phishing emails — messages containing bad links and malware that attempt to harvest confidential user data.

For civil society organizations working with repressive regimes, being hacked can be “devastating,” Scott-Railton said. It can result in the loss of sensitive information, the disclosure of sources’ names or even a physical threat, he said.

It can also cause funding to dry up.

When Sony Pictures was attacked by North Korean state-sponsored hackers in November 2014, the Committee for Human Rights in North Korea felt an impact in their purse strings, Scarlatoiu said. The committee — which openly challenges North Korea on human rights issues — lost a few significant donors who were “afraid for their own safety, the safety of their families, the safety of people working for their organizations,” he said.

Click here see the full 'Web of vulnerabilities' multimedia project

“Even when one is not directly targeted, there is collateral damage,” Scarlatoiu added.

Although it’s hard to pin down whether hacks of civil society organizations and activists have increased, Scott-Railton said Citizen Lab’s research shows hacking goes up in times of political polarization. Given the nature of the 2016 election, it is “not unreasonable” to expect that this problem will be much more visible in the United States in the next few years, he said.

Syria is a prime example. The civil war between the government, the opposition and ISIS shows no signs of slowing down. The crisis has led to intervention by a number of foreign governments, paving the way for security breaches.

According to Scarlatoiu, North Korea’s interest in Syria stems from its involvement with Assad’s government. It has been reported that North Korean troops are fighting alongside Syrian forces. There are also reports of a park dedicated to Kim Il-Sung, the founder of North Korea, in downtown Damascus — the country’s capital city. Luckily, Scarlatoiu’s hacked Word document didn’t contain any sensitive information that interfered with his mission, he said.

Scarlatoiu has been working with various cybersecurity experts, not only to increase his digital defenses, but also to get a better sense of who was behind the attack.

The timing and subject matter of the document points to North Korea as the perpetrator, and North Korean diplomats have expressed “profound displeasure” with the committee’s work, he said.

Still, he said, given the challenge of attributing cyberattacks there is no way to be certain. The attackers could have been anyone from freelance hackers to North Korean officials.

But either way, there had to have been some type of government involvement in the hacks, Scarlatoiu said. “I sometimes compare this situation to the pre-World War I situation when devastating technology, devastating tools of death, were available and the world was completely unaware,” Scarlatoiu said. “Government-sponsored hackers can do tremendous damage to the United States, to US citizens.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.