The human cost of surveillance
Greg Scarlatoiu stared at his computer in disbelief. It was about 4 a.m. on April 20, 2016, and Mr. Scarlatoiu — an early riser — had just brewed a cup of coffee. He logged onto his ASUS laptop and immediately noticed the computer’s media player had been opened 51 times, along with a single Microsoft Word document titled “Assad,” a reference to Syrian President Bashar al-Assad.
Sitting in a Buenos Aires hotel room that morning, the executive director of the Committee for Human Rights in North Korea realized he had been hacked. “The first time I saw it, I was not 100 percent sure that somebody had hacked into my computer,” Scarlatoiu said. “Freaky things happen, you’ve seen basically computers act up.”
But Scarlatoiu — whose committee of US-based foreign policy specialists promotes human rights in North Korea and fights to increase citizen access to information — has been a victim of hacking before. In March 2013, his committee’s website had been vandalized by North Korea as a result of a massive cyberattack meant for targets in South Korea. A banner reading “Hitman 007—Kingdom of Morocco” was placed on all sections of the website. It took 10 hours to remove. The meaning behind the digital graffiti remains a mystery.
So, in April, he knew what to do. First, he contacted his security team. They told him his computer had been remotely accessed and he had to stop using it, remove the battery, and get a new laptop. He complied. “You feel vulnerable,” he said. “You always wonder whether there’s something you could have done to stay safer. You always wonder whether you made a mistake, you should’ve been more careful.
“It’s a temporary feeling of vulnerability and insecurity that eventually has to go away very quickly because you have to take quick and prompt action, make sure you protect yourself, make sure you protect others.”
Over the past several years, governments around the world have increasingly turned to hacking tools as ways to effectively spy on activists, journalists, and other high-value targets. In particular, governments that do not have freedom of speech protections in place — such as North Korea — are homing in on rights groups that may operate in the West. Repressive regimes sometimes view those groups as threats or as assets that hold valuable information on dissidents and other political activists.
Like Scarlatoiu’s organization, many of these rights groups have few digital protections in place against cyberattacks and lack the financial resources to keep themselves safe online, said John Scott-Railton, a senior researcher with the Citizen Lab at the University of Toronto’s Munk School of Global Affairs.
Mr. Scott-Railton said the technology needed to target activists and groups is “the bare minimum,” and more often than not, victims are targeted with phishing emails — messages containing bad links and malware that attempt to harvest confidential user data.
For civil society organizations working with repressive regimes, being hacked can be “devastating,” Scott-Railton said. It can result in the loss of sensitive information, the disclosure of sources’ names or even a physical threat, he said.
It can also cause funding to dry up.
When Sony Pictures was attacked by North Korean state-sponsored hackers in November 2014, the Committee for Human Rights in North Korea felt an impact in their purse strings, Scarlatoiu said. The committee — which openly challenges North Korea on human rights issues — lost a few significant donors who were “afraid for their own safety, the safety of their families, the safety of people working for their organizations,” he said.
“Even when one is not directly targeted, there is collateral damage,” Scarlatoiu added.
Although it’s hard to pin down whether hacks of civil society organizations and activists have increased, Scott-Railton said Citizen Lab’s research shows hacking goes up in times of political polarization. Given the nature of the 2016 election, it is “not unreasonable” to expect that this problem will be much more visible in the United States in the next few years, he said.
Syria is a prime example. The civil war between the government, the opposition and ISIS shows no signs of slowing down. The crisis has led to intervention by a number of foreign governments, paving the way for security breaches.
According to Scarlatoiu, North Korea’s interest in Syria stems from its involvement with Assad’s government. It has been reported that North Korean troops are fighting alongside Syrian forces. There are also reports of a park dedicated to Kim Il-Sung, the founder of North Korea, in downtown Damascus — the country’s capital city. Luckily, Scarlatoiu’s hacked Word document didn’t contain any sensitive information that interfered with his mission, he said.
Scarlatoiu has been working with various cybersecurity experts, not only to increase his digital defenses, but also to get a better sense of who was behind the attack.
The timing and subject matter of the document point to North Korea as the perpetrator, and North Korean diplomats have expressed “profound displeasure” with the committee’s work, he said.
Still, he said, given the challenge of attributing cyberattacks there is no way to be certain. The attackers could have been anyone from freelance hackers to North Korean officials.
But either way, there had to have been some type of government involvement in the hacks, Scarlatoiu said. “I sometimes compare this situation to the pre-World War I situation when devastating technology, devastating tools of death, were available and the world was completely unaware,” Scarlatoiu said. “Government-sponsored hackers can do tremendous damage to the United States, to US citizens.”