This amazing map tracks locations of governments which hack activists and reporters
It becomes almost impossible to track the culprits of online surveillance in an age where the cybercriminals cautiously shield their path through covers of proxy servers and mystification. However, it is sometimes easier to locate the victims of these spying operations. In an attempt to show how governments utilize digital intrusions to control and unsettle their enemies worldwide, one such open-source initiative has set out to map cases where state-sponsored malware campaigns target members of civil society.
This week an informal group of security researchers who call themselves the Digital Freedom Alliance launched a combined software project to aggregate and map out/a> government hackers’ attacks against journalists, lawyers, activists and NGOs around the globe. The project, whose code is hosted on GitHub, gathers data about state-sponsored malware infections from public sources like the University of Toronto’s Citizen Lab, TargetedThreats.net, and security firms’ research. That data is then arranged into a map that breaks down the attacks by date, the family of malware used, target type, as well as the location of the command and control server used to organize each malware campaign.
The mapping project was perceived last year, when Citizen Lab malware researcher Claudio Guarnieri gave a talk at the Chaos Communications Camp conference in Zehdenick, Germany about how security researchers need to co-operate more when fighting governments’ digital domination of activists and journalists. “We always lacked a starting point for people to get an understanding of what is going on…how countries are employing technologies to repress dissent,” he says. “Ideally, this would develop into a place where [we can] reconstruct narratives on what is happening in different regions of the world.”
For instance, with 145 documented attacks, the country with the most targeted attacks on the map is India. Guarnieri explains that the reason is due to the steep volume of attacks carried out by the Chinese government against the Tibetan exiles and separatist activists in the Indian city of Dharamsala. Further, Syria is the next most targeted country on the map, where the ruthless dictatorship of Bashar Al-Assad has been using malware to target opposition groups since the country decentralized into a bloody civil war.
In an effort to map out the dappled supply chain of targeted spying and to track victims, the Digital Freedom Alliance’s map also shows the location of companies selling surveillance technology, as well as the resellers of those tools. Guarnieri says that data is obtained from surveillance tracking projects like WikiLeaks’ Spy Files and BuggedPlanet.info. It is no surprise to know that the United States is the country with the most listed surveillance vendors, though Guarnieri acknowledges the list’s definition of “surveillance vendor” is rather wobbly: It comprises of not only the creators of the malware documented in the group’s map, but also other possible nasty technologies like internet filtering software and passive data collection tools.
There is no doubt that the map’s data is currently not complete. But Guarnieri hopes that it could someday soon assist as a source for tracing and fighting back against government spying with more and more researchers contributing to it. “[It provides] relevant information to further investigate, identify victims, and perhaps rally campaigning if there are human rights abuses involved,” he says.
The map project is also looked by Guarnieri to serve as a sign that Western surveillance firms’ technology does actually fall into the hands of autocrats who use it to surveil innocent victims—a refutation to the assertions of companies like the Italian firm Hacking Team. While the Milan-based tech company refused to accept that its tools were used for misconduct, but then a hack of its email server uncovered that it had sold its products to exploitive countries including Egypt, Ethiopia, Saudi Arabia, and Sudan. “I was tired of the Hacking Team-types claiming that there are no solid evidences of abuses, when there are plenty,” says Guarnieri. “You get most of them plotted in that map.”