China shifts cyber attack tactic on Tibetan groups



(, Jul12, 2015) – Dharamsala, home of the Dalai Lama and the exile Tibetan administration is the “ground zero in China’s cyberwar” and the tactics of attack have changed in keeping with cyber-security drives in the Tibetan community, reported Jul 10.

A major study on targeted malware attacks against Tibetan groups and pro-democracy activists in Hong Kong released recently by Citizen Lab, which is at the Munk School of Global Affairs at the University of Toronto, show that the attack tactic had shifted from sending malicious attachments using emails of unsuspecting senders to using malicious Microsoft PowerPoint Slideshow files and Google doc files.

“These attacks are highly targeted, appear to re-purpose legitimate content in decoy documents, and had very low antivirus detection rates at the time they were deployed,” the report was quoted as saying.

Last November, when the Associated Press reported that Tibetan monks were being buffeted by persistent cyberattacks, Tibet Action Network, a digital security group, urged the monks and other Internet users to avoid sending or opening email attachments and to use cloud-based storage like Google Drive as an alternative, the report noted.

The Citizen Lab report has also concluded that the similarities between the attacks on Tibet groups and those on Hong Kong pro-democracy activists “suggests that either they are being conducted by the same threat actor or threat actors targeting these groups are sharing tactics, techniques, and procedures.”


Please enter your comment!
Please enter your name here