Foreverdays: tracking and mitigating threats targeting civil society orgs

Wednesday 3 October 12:00 - 12:30, Green room

Masashi Nishihata (Citizen Lab)
John Scott Railton (Citizen Lab)

The networks of people and groups defending human rights and civil liberties have connected much faster than they have secured themselves. The outcome is predictable: the powerful interests that these people challenge are striking back by sponsoring digital operations against them. This presentation will provide an overview of the resulting epidemic of digital threats. Some of these threats are sophisticated, and include zero-day exploits, custom kits, and government-exclusive spyware sold for millions of dollars. However, we will highlight research that shows that the majority of these threats don't advance far beyond the minimum necessary technical sophistication to get the job done. Phishing and Commodity Off The Shelf (COTS) malware, in other words, are the norm. These basic threats are successful, because they exploit human behaviour, and are the original 'forever day' vulnerability.

Regardless of the level of sophistication, these threats can lead to very real harm to individuals, organizations, and social movements. We will draw from a decade of research on threats against civil society to show how the most damaging threats do not come from the most sophisticated threat actors. The security community has a tendency to focus on the newest, most sophisticated, and exotic threats. Phishing and RATs are 'boring'. Yet boring threats can do far more harm, on a much larger scale. Public health models can help us better frame our thinking on threats. Some of the biggest killers in the world are not exotic, high-profile diseases, but mundane illnesses, like malaria, and intestinal ailments. Through this talk we will argue that the threats to civil society groups are the canary in the coalmine, and encourage the security industry to re-calibrate the attention we give to the real, everyday killers.




Masashi Crete-Nishihata

Masashi Crete-Nishihata is Research Director at the Citizen Lab, Munk School of Global Affairs, University of Toronto. His research focuses on information controls and their impact on human rights. Recent work and collaborations include investigations of targeted malware operations against civil society groups and journalists, and analysis of keyword-based censorship on WeChat.




John Scott Railton



Related links

   Watch video

Back to VB2018 Programme page

Other VB2018 papers

Threat intelligence brokerage revisited

Juan Andrés Guerrero-Saade (Chronicle)

Levelling up: why sharing threat intelligence makes you more competitive

Michael Daniel (Cyber Threat Alliance)

Little Brother is watching - we know all your secrets!

Siegfried Rasthofer (Fraunhofer SIT)
Stephan Huber (Fraunhofer SIT)
Steven Arzt (Fraunhofer SIT)

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.