Hong Kong Office of Amnesty International experienced a cyberattack
Hong Kong office of Amnesty International experienced a cyberattack that as per the group is a state-sponsored team's work, whose tactics and strategies have been consistent with those who are supported by Chinese government.
The group based in London said on the night of April 25, 2019, that this cyberattack was first discovered on March 15, 2019, after state-of-the-art security monitoring tools has noticed suspicious activity on IT systems of the Hong Kong branch.
After detection of suspicious activity on IT systems of the Hong Kong branch, Amnesty said that a "global taskforce" has been set up for addressing the problem that included pulling in security professionals and cyber forensics.
The affected systems were analyzed and steps were now taken for protection, so as to lessen the danger of further compromise.
Amnesty International said that it was not able to provide exact information about the areas that were targeted, or precise nature of this cyberattack as investigation is not yet completed. However, information might have been compromised in this cyberattack as Amnesty has said that it contacted all the individuals whose information might have been exposed. Amnesty International Hong Kong Director, Man-kei Tam, also said that this cyberattack was an "outrageous attempt to harvest information and obstruct our human rights work".
Man-kei Tam added that "the privacy and safety of all those we work with remains our priority. We took swift action to secure our systems and have provided guidance to help individuals ensure their personal data is protected".
South China Morning Post have been told by an Amnesty spokesperson that the supporters' names, personal contact information and identity card numbers of Hong Kong were compromised, however the financial data is safe.
In a rare move, Amnesty also has provided attribution. The companies as well as cybersecurity vendors often don't like providing direct attribution -- particularly when an investigation is going on -- however Amnesty says that this cyberattack is work of specific APT (Advanced Persistent Threat) groups.
"The first phase of the investigation found extensive evidence that the perpetrators belonged to a known APT group, utilizing tactics, techniques and procedures consistent with a well-developed adversary," says Amnesty.
The statement of the group said that a technical report will be released containing indicators of compromise once the investigation concluded.
Hong Kong's Personal Data Privacy Commissioner's Office has also been notified about this cyberattack.
» SPAMfighter News - 5/16/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!