Join our Mailing List

"We Tibetans are looking for a legitimate and meaningful autonomy, an arrangement that would enable Tibetans to live within the framework of the People’s Republic of China."

Countering Chinese cyber-attack via open source: lessons from Tibet and China

November 7, 2018

The NewsLens, October 31, 2018- Taiwanese people love talking about politics, but Taiwan's g0v group of open source advocates go beyond discussion to write programs, promote open information and organize hackathon-style gatherings. 

Beginning as a small nucleus of computer science engineers, the community quickly grew to encompass NGOs, journalists and civil servants, picking up new supporters at each of the bi-monthly hackathon events it has held since coming into being in 2012. 

Yet the apex of its expression is the largest civic tech event in Asia – the three-day-long G0v Summit – the 2018 edition of which was held Oct. 6-8 at Academia Sinica, Taiwan's National Academy in the Nangang District of Taipei.

Thousands of people flocked to attend and hear submissions from 33 countries on how open source and civic tech solutions can assist in the defense and promotion of democracy. 

Among the speakers were a civil servant of the Tibetan government in exile and a Chinese social activist, both of whom were keen to stress the pivotal role Taiwan and its people could play in their own fight for a democratic future. 

Tenzin Chokden is a civil servant in the department of cyber security of the Tibetan government in exile and an ambassador for the Red Hat-Sponsored international open source operating system, Fedora. 

On a personal trip to Taiwan, he shared how Chinese hackers have targeted the Tibetan community, as well as the assistance open source communities and software can provide in their struggle for freedom from malicious online interference. 

Calling cyber security "the most important and urgent of all" the fields in information technology, Chokden outlined his path from graduating university to the frontline of defending Tibetan society online.

“[Cyber security] is essential for the Five Poisons in particular,” Chokden said, referring to the term used by the Chinese Communist Party (CCP) for supporters of separatism in Tibet, Taiwan, Xinjiang, Mongolia and Hong Kong.

Some might substitute Mongolia and Hong Kong for supporters of the Falun Gong spiritual movement and advocates of democracy in China, and call the grouping the “Five Separatists,” but the sentiment is the same – these are the groups bearing the brunt of China's cyber warfare efforts. 

Chokden explained that the Tibetan government in exile doubled down on building cyber security capability after the leaders of several countries refused to meet the Dalai Lama in 2009. The rejections occurred after governments including that of French President Nicolas Sarkozy came under cyber attacks from China as a result of the decision to publicly meet with His Holiness. 

Through a 10-month investigation by the Canadian initiative the Information Warfare Monitor centering on Dharamshala, the exiled government confirmed Chinese hackers, via the massive GhostNet cyber-espionage network, had launched large-scale and systemic cyber attacks on the Tibetan exiled community.

The CCP-orchestrated operation also tracked and infiltrated leading officials in the Tibetan government in exile, as well as government, financial and media institutions in 103 countries. Over 1,295 computers used by Tibetans were infected or ‘hijacked’ through the GhostNet espionage network, resulting in revelations of a series of secret meetings. 

In addition, information about self-immolation, Tibetan Buddhism and Tibetan separatism has all been the target of Chinese control of online speech. 

In 2009, a self-immolation case in protest of the Chinese crackdown in Tibet following riots the previous year was kept secret from overseas Tibetan communities for six weeks. It was the 145th self-immolation protest that year.  

Although conscious about fighting an information war, the Tibetan government in exile, as a priority target of the Chinese online military, “has problems of labor, products and information shortages,” Chokden admitted.

The exiled government began building cyber security capacity in 2009 with a priority mission to seek outside help and at the same time provide the Tibetan community with educational training.

Chokden explained that for Tibetans, every single person is unavoidably part of the information war. Aside from government officials and leaders, every Tibetan’s online information that is publicly accessible, including WeChat records or those compromised after a person mistakenly opens viruses disguised as emails, can lead to infiltration of other Tibetans’ privacy. 

After a decade of all-out information war, Chokden believes that the most dangerous sentiment undermining the Tibetan public’s ability to protect themselves is the tendency “to feel ‘I have nothing to hide.’” He says this attitude leads the public to be responsible for key breaches of information.

When Tibetans’ social network usernames and passwords are hacked, this opens access to their family and friends, from whom hackers can glean seemingly insignificant pieces of information about their everyday lives. These are then used as material for ‘social network engineering.’ For example, when hackers understand an individual’s social circle and schedule, they can pretend to be a member of that person’s family or friends to target them with misinformation.

 “For example, they may send you an email before an interview, telling you the location of the interview or their phone number has changed, and ask you to open the attachments. However careful you are, you may still click to open them,” Chokden said. 

Some example titles of phishing emails used to tempt Tibetans into clicking and downloading viruses include: “German Chancellor Angela Merkel comments on protest activities in Lhasa,” “Whole texts of Tibetan Women’s Union’s speech at the UN,” and “Activities in memory of the 53rd anniversary of 1959 anti-riot actions in Tibet.”

To counter such pernicious threats, Chokden’s department provides civil servants with lessons and training. Besides this, civil society organizations like Tibet Action Institute provide educational training for different agencies and schools.

“My wish is to find resources to start a hackers’ school,” Chokden said, adding that training for the public focuses on everyday communications, such as avoiding use of WeChat at all costs, how to manage one’s username and password settings, and so on.

Moving forward, Chokden wants to educate high school students to understand the cyber security field or plan careers as cyber security experts and do their part in contributing to the Tibetan community. 

Training the next generation

Raising the everyday public’s awareness of cyber security is already a challenge, so how can one go about tapping into teenagers’ mindsets? 

“I demonstrate in front of them the kinds of things hackers can do,” Chokden said, adding that he always uses a person in the group as an example and hacks into her social network account in the presence of the others. Then he starts tracking her online footprints and obtaining her personal data. “Some of them find it funny, others feel embarrassed about their accounts being hacked, and some just find hackers cool,” he said.

Chokden places hope in the next generation. Growing up with tablets, they have the potential to be powerful actors in tomorrow's information war. Otherwise, if awareness of cyber security is not instilled from a young age, their digital footprints and private information they divulge may well become the ‘ammunition’ hackers can deploy to threaten their safety. 

Chokden also said that the challenges and threats Tibet faced over the past decade are also present in Taiwan. A wave of large-scale attacks at the beginning of this year is just a continuation of similar attacks on Taiwan’s Ministry of Foreign Affairs and its Department of Cyber Security that have ripped across the Taiwan Strait for years.

In light of the commonality, building international collaboration frameworks, skills transfer, or open source communities like g0v, and the possibility of sharing technical support, talent training or digital products that have higher levels of cyber security, are crucial points of discussion for Taiwan and Tibet, both of which belong to the ‘Five Poisons’ group.

“The g0v community's acceptance of my entry, causing more people to know about this issue and letting me come into contact with people from all kinds of fields, actually has been a great help for us,” Chokden added.

“Taiwan and Tibet are the same, (in real life) we have to fight for what we believe in continuously.” Chokden concluded by addressing his audience in front of a picture of the Dalai Lama and his famous remark “If you feel you are too small and can’t possibly change anything, you might as well sleep with a mosquito and see what happens.”

In addition to Tibetan exiles, the G0v Summit also attracted Chinese dissidents. One attendee, known only as ‘Bear,’ is a Chinese citizen and longtime participant in clandestine Chinese social movements.

She saw information about the summit via Facebook. Although she missed the deadline for submissions, she secured a spot for a ‘lightning speech’ platform, where she managed to speak to a packed audience for just five minutes at the end of the three-day event. 

“Everybody (in Taiwan) lacks an interest in China, probably because they feel there’s nothing they can do,” she said, mentioning how she had drawn little attention to her cause prior to her speech. “We, however, don’t think about it that way. No one sees the work of action takers.”

Bear explained that Chinese social movements, ranging from those based on gender equality to environmental issues, have experienced a downturn in recent years because the space authorities provide is shrinking while costs of movements increase. Yet activists still create space amid the squeeze, which has given Chinese social movements two qualities. 

First, they are closely knit. Because they cannot openly organize physical gatherings, they rely on regional people-to-people exchanges to develop networks, information exchanges and training. These networks are also attempting to use new techniques like blockchain, which can be used to file and disseminate information recording arrests of activists and the statuses of underground social movements.

Second, they must move quickly. “Everybody knows many things are gone quickly [on the Chinese internet], so information has to be sent rapidly,” said Bear. “Before a ban is imposed or posts are deleted, [people compete to see] who is faster.”

Bear is optimistic that these qualities give Chinese social movements “a chance to possibly break the status quo,” citing the Every Snowflake program in the recent #MeToo movement as an example.

Victims of sexual harassment in China were censored by authorities when they responded to the global #MeToo movement – the term ‘sexual harassment’ was censored on the Chinese internet. But a WeChat Mini Program called Every Snowflake appeared, enabling victims to mark their locations on a map. China saw a blanket of ‘snowflakes’ fall across the country overnight.

 “[The words] ‘sexual harassment’ were taboo, but the map mini program made the victims feel connected and know ‘I am not alone,’” Bear explained.

Bear said open source has helped China’s activist developers evade authorities – in the past, they would often be implicated by authorities for their work on tools used to aid social movements. It also enables developers to share resources, she said.

She added that, as Chinese social movement organizations must cope with constant suppression and the threat of arrest, they are often dependent on Taiwanese knowledge and support. She thinks there is an opportunity for further cooperation and resource sharing between Chinese activists and the Taiwanese civic tech community. This would also give Chinese activists a sorely needed wider platform. “So many people are fighting in China,” said Bear, “but most of the information about it cannot be properly shared.”

At the g0v summit, Bear became aware of the distance between China and Taiwan. “I think everybody [in Taiwan] is blessed. So much money, energy and labor can be devoted to dealing with the problem of uneven roads,” she said, smiling as she recalled a project at the summit dedicated to collecting data to help the government repair Taiwan’s roadways.

As Bear watched speakers from 23 countries talk about flaws in democracy and the role civic tech can play, she wondered whether non-democratic countries can themselves use civic tech to put innovation into practice. To her, a good start would be more cross-Strait exchanges of ideas and techniques. “If [the] Chinese really want democratic freedom, they need the world’s support,” she said.

Bear is used to living under the watchful eye of authorities. “I’ve been hunted down since I went to school,” she said, noting that university students she knew were frequently ‘searched’ by the National Security Bureau. “If there is a platform to communicate with students in schools, I can tell them what to do when they are being suppressed,” she said.

Perhaps Taiwan, home to a large civic tech community which speaks a shared language, can help develop a platform to better connect China’s often isolated activists, and to assist them in sharing their experiences beyond the confines of China’s heavily censored internet and to the rest of the world.

CTC National Office 1425 René-Lévesque Blvd West, 3rd Floor, Montréal, Québec, Canada, H3G 1T7
T: (514) 487-0665   ctcoffice@tibet.ca
Developed by plank