Page last updated at 10:34 GMT, Wednesday, 26 March 2008

Net activists in the firing line

Young Buddhist monks, AFP
Pro-Tibet groups have been hit by targeted cyber attacks

Governments need to do more than just protect themselves against cyber attacks, says Bill Thompson.

In common with other administrations the UK government is concerned about the security of the realm and its ability to cope with natural disasters, foreign aggression and terrorism.

Over the years the importance of computer systems, networks and of course the internet have become apparent even at the highest level of the administration.

So it is unsurprising that the National Security Strategy announced by the Prime Minister last week contains a number of references to the network and to the growing fear of what it calls "cyber-attack".

The strategy notes that "the internet is itself a trans-national, fast-changing and loosely-governed entity, but is also part of our critical national infrastructure" before stating the obvious by pointing out that "it is both a target and an opportunity for hostile states, terrorists and criminals".

Amidst the platitudes about "new and sophisticated technical attacks, attempting to penetrate computer networks through the internet" and a commitment to "support international efforts to monitor and protect the safety and security of new technology" there's little of real substance.

Bill Thompson
We may be headed for a period in which low-level cyber-warfare between governments and campaigning organisations is just part of the political process.
Bill Thompson
After all, promising to work with "international, public, and private sector partners to ensure that our government systems and critical national infrastructure are adequately protected against cyber-attack" is not so much a strategy as a vague aspiration.

And in a world where even the largest and wealthiest companies worry about their susceptibility to distributed denial of service attacks from multi-million computer botnets, what chance does the UK government have of offering any realistic protection?

Let's not forget that the HM Revenue and Customs website where people submit their tax returns crashed in late January just because people wanted to use it. I somehow doubt it would withstand a concerted attack from one of the larger criminal gangs.

It's also important to appreciate that it isn't only the "critical national infrastructure" that needs to be protected here.

Millions of people now rely on the internet in their daily lives, whether they are banking or shopping or earning a living or just keeping in touch with friends.

And more and more political and campaigning groups are using the network to organise, agitate and push for change.

Sadly it is quite clear that at the moment such groups have no real protection, as a number of them have found out recently.

Since the latest round of protests over the Chinese occupation of Tibet several groups campaigning for Tibetan independence have reported that their computer systems are under attack.

Rather than the obvious denial of service attacks, where millions of fake requests for information are made to a website so that it is unable to cope and either crashes or becomes to slow to serve real users, these intrusions are more subtle.

Food queue in Darfur, AP
Attacks on the Save Darfur group were routed through China
Activists at the International Tibet Support Network are being sent e-mails that appear to come from sympathetic organisations, with attached documents containing statements of support or evidence of human rights breaches by the Chinese governments.

When opened the documents, which can be Word, Excel or PDF files, use common security loopholes to try to install programs that will monitor the user's online activity and send information back to a well-known Chinese website that has been used in the past for this sort of surveillance.

The details were uncovered by security firm F-Secure, and it is clear that the goal here is not to damage the computer systems but to bug them.

The attacks are not limited to pro-Tibet groups. In the US the Save Darfur Coalition has asked the FBI to investigate its suspicions that its e-mail server had been hacked into.

According to spokesperson Allyn Brooks-LaSure the attack came from computers with IP addresses in China, and he believes that "someone in Beijing is trying to send us a message".

This may be the case, but we have to be very careful when it comes to claiming that governments are directly behind this sort of attack.

There is no evidence that the e-mails either originated from or were sanctioned by the Chinese authorities, and they could just as easily have been organised by activists without official backing.

Soldier, BBC
State-sponsored cyber attacks may become part of politics
Whoever is responsible, the attack on pro-Tibet groups is clever, sophisticated and has probably been very effective. And even if no data is actually sent to China, it will distract attention and resources from the campaign during the next few days and so will make life easier for the Chinese authorities.

Last year's violent repression of the protests by Buddhist monks in Burma was accompanied by a clampdown on internet access, but this did not affect the photos and videos that were already out there on Flickr and YouTube.

China has both the resources and the skills to make online life difficult for groups around the world, even if it is not behind the current attacks.

In the end it may be up to individual groups and campaigns to harden their systems, improve their security practices and upgrade their protection in order to cope with attacks from those who disagree with them.

We may be headed for a period in which low-level cyber-warfare between governments and campaigning organisations is just part of the political process.

Perhaps the Prime Minister should show that he's serious about his national security strategy by offering free security advice and support to any political or campaigning group that asks for it.

After all, a strong democracy is one that supports and sustains an active and engaged civil society, and these days that means having a functioning website, a working e-mail address and a secure network.

Bill Thompson is an independent journalist and regular commentator on the BBC World Service programme Digital Planet.

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific