Planet Netsweeper

Internet filtering technologies play a critical role in shaping access to information online. Whether we are connecting to the Internet from our homes, coffee shops, libraries, or places of work, software that inspects, manages, and/or blocks our communications has become commonplace. When used at the level of large, consumer-facing Internet Service Providers (ISPs), Internet filtering technologies can have significant human rights impacts. A growing number of governments employ Internet filtering systems at this scale in order to undertake national-level censorship of the Internet. Filtered content ranges from pornography, hate speech, and speech promoting or inciting violence, to political opposition websites, news websites, websites affiliated with various religions, and everything in-between. The growing responsibilities among network operators to filter content, either within private enterprises or on public networks, have given rise to a large and lucrative market. One industry report estimated the value of the web content filtering market at $3.8 billion USD by 2022. While network operators can manually configure their infrastructure to block specific websites or applications, the task can be time- consuming, complicated, and ineffective. Internet filtering companies provide professional services to ISPs and other clients to take care of this responsibility. Typically, Internet filtering companies dynamically categorize Internet resources and then let their clients choose pre-selected content categories or services that they wish to block. Customers can also add custom lists of their own to content that is filtered or blocked. In the hands of authoritarian regimes, such professional services can limit the ability of citizens to communicate freely and help impose opaque and unaccountable controls on the public sphere

Behind Blue Coat: Commercial Filtering in Syria and Burma

Produced by the Citizen Lab at the Munk School of Global Affairs, University of Toronto.Citizen Lab research into the use of commercial filtering products in countries under the rule of authoritarian regimes has uncovered a number of devices manufactured by U.S.-based Blue Coat Systems in Syria and Burma. Although Blue Coat has recently acknowledged the presence of their devices in Syria, this brief contributes to previous findings of devices in the country, documents additional devices in use in Syria, and identifies Blue Coat devices actively in use in Burma. This brief urges Blue Coat to investigate these claims and take action to prevent the further use of its technology in Syria and Burma

Between Hong Kong and Burma: Tracking UP007 and SLServer Espionage Campaigns

Special thanks to Valkyrie-X Security Research Group and ASERT. We are grateful to Jason Q. Ng and Kun Cleo Zhang for translation assistance, and Adam Senft, John Scott-Railton, and Ron Deibert for comments.In this research note, we analyze a malware campaign targeting Hong Kong democracy activists. Two new malware families are used in the campaign that we name UP007 and SLServer. Previous reports have shown overlap in the tactics, tools, and procedures used in this campaign in other operations targeting groups in Burma, Hong Kong, and the Tibetan community.This research was supported by the John D and Catherine T. MacArthur Foundation and the William and Flora Hewlett Foundation

The Ethical and Legal Dilemmas of Digital Accountability Research and the Utility of International Norm-Setting

Nearly every aspect of our life is impacted by digital technologies manufactured and sold by companies. Legislative frameworks to limit the harms of such technologies have been slow to develop and remain entangled in controversy.1 The expanding role of digital technologies has been accompanied by a disturbing descent into authoritarianism in many countries that is also, in part, fueled by these very same tools.2 The decline of liberal democratic institutions is said to be linked to various properties of the digital ecosystem—from security flaws in popular applications used by states to engage in covert and remote surveillance3 to the development and exploitation of social media algorithms that push violent and divisive content.4 There is no doubt, then, that digital accountability research—which we define as evidence-based research seeking to track and expose risks to civil society in the digital ecosystem—is critical. This essay highlights the legal and ethical challenges faced in digital accountability research and concludes that a comprehensive and global ethical framework for such research is a critical step forward. As legal frameworks and norms continue to shift with respect to digital accountability research, such collaborative, international norm-setting would help ensure that digital accountability research continues

Shifting Tactics: Tracking changes in years-long espionage campaign against Tibetans

Special thanks to PassiveTotal, Ron Deibert, Lobsang Gyatso, Sarah McKune, Adam Senft, and Nart Villeneuve.This report describes the latest iteration in a long-running espionage campaign against the Tibetan community. We describe how the attackers continuously adapt their campaigns to their targets, shifting tactics from document-based malware to conventional phishingThis research was supported by the John D. and Catherine T. MacArthur Foundation (Professor Ronald J. Deibert, Principal Investigator)

Insider Information: An intrusion campaign targeting Chinese language news sites

We are grateful to China Digital Times, Epoch Times, Bowen Press, and HK01 for their participation.Thanks to our colleagues for review and assistance: John Scott-Railton, Lotus Ruan, Jeffrey Knockel, Lokman Tsui, Valkyrie-X Security Research Group, Andrew Hilts, Ron Deibert, and TNG.This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.This project was supported by the John T. and Catherine D. MacArthur Foundation

Managing the Message: What you can’t say about the 19th National Communist Party Congress on WeChat

This report is by Masashi Crete-Nishihata, Lotus Ruan, (co-lead authors), Jakub Dalek, and Jeffrey Knockel. Graphics by Andrew Hilts. The authors thank Ruohan Xiong for research assistance and Ron Deibert, Jason Q. Ng, Adam Senft, and Lokman Tsui, for review and comments.The 19th National Communist Party Congress was held from October 18-24 2017. WeChat, China's most popular chat app, blocked a broad range of content related to the Congress

Spying on a Budget: Inside a Phishing Operation with Targets in the Tibetan Community

This report describes an inexpensive and technically simple phishing operation. It shows that the continued low adoption rates for digital security features, such as two factor authentication, contribute to the low bar to entry for digital espionage

Behind Blue Coat: An Update from Burma

Produced by the Citizen Lab at the Munk School of Global Affairs, University of Toronto.Citizen Lab research into the use of commercial filtering products in countries under the rule of authoritarian regimes has previously documented the use of devices manufactured by U.S.-based Blue Coat Systems in Syria and Burma. In Behind Blue Coat: Investigations of commercial filtering in Syria and Burma, we identified Blue Coat devices in Burma through the error messages, hostnames and filtering behaviour on Burmese Internet service provider (ISP) Yatanarpon Teleport. Additional evidence gathered by the Citizen Lab from Burma since the publication of that report has provided further confirmation that Blue Coat’s devices are presently in use in the country

Information Controls During Military Operations: The case of Yemen during the 2015 political and armed conflict

This research was supported by the International Development Research Centre (Canada) and the Social Sciences and Humanities Research Council of Canada (SSHRC) grant 430-2014-00183, Prof. Ronald J. Deibert, Principal Investigator