The Canadian branch of the human rights organization Amnesty International reported on Monday a sophisticated cyber-attack linked to China.
The non-profit said it first spotted suspicious activity on October 05, 2022, and immediately engaged a team of forensic investigators and cybersecurity experts from Secureworks to protect its systems and investigate the source of the attack.
According to a blog post on the Amnesty International website, the investigation’s preliminary results suggest the attack had been executed using tools and techniques associated with Chinese advanced persistent threat (APT) groups.
The non-profit added it is speaking publicly about the attack to warn other human rights organizations about the rising threat of data breaches.
“This case of cyber-espionage speaks to the increasingly dangerous context which activists, journalists, and civil society alike must navigate today,” wrote Ketty Nivyabandi, secretary general of Amnesty International Canada.
“Our work to investigate and denounce these acts has never been more critical and relevant. We will continue to shine a light on human rights violations wherever they occur and to denounce the use of digital surveillance by governments to stifle human rights.”
At the time of writing, the organization said it found no evidence that donor or membership data was compromised in the breach.
“This incident, once again, demonstrates the danger state actors pose to anyone who would criticize the policies of certain regimes,” said CyberSmart CEO Jamie Akhtar.
“Unfortunately, an attack on Amnesty International, following the Vatican last week, tells us that no organization is beyond the pale when it comes to targets for state-sponsored cyber-threats.”
Commenting on the news, Javvad Malik, lead security awareness advocate at KnowBe4, said that while details about the attack are currently scarce, most criminals and state-sponsored APT groups typically infiltrate firms via spear phishing, exploiting unpatched vulnerabilities or through weak credentials.
“If organizations address these main areas by having a patch management plan in place, by deploying MFA [multi-factor authentication], and [by] providing user awareness and training to spot phishing emails that make it into their inbox, and provide ways to report [them], then [they] can greatly reduce the likelihood of being successfully attacked,” Malik concluded.
The Amnesty International breach comes weeks after a Surfshark report suggested data breaches rose by 70% globally in Q3 2022.