Cybersecurity for Tibetans In and Outside Tibet

May 7, 2018 By Tenzin Dalha*

The fragility of the information world we now live in demands strong cybersecurity surveillance. The escalation of potent cyber threat, part of living in the digital era, is understanding that our private information is more vulnerable than ever before. Organizations transmit sensitive data across networks and to other devices in the course of communication. Cybersecurity describes the discipline dedicated to protecting that information and the systems used to process or store it. As the volume and sophistication of cyber-attacks grow, Central Tibetan Administration (CTA) and Tibetan NGO’s, especially those are tasked with safeguarding information relating to their daily work, need to take steps to protect their sensitive data and personnel information.

The Office of the Dalai Lama, the CTA, Tibetan NGOs’ and offices of Tibet around the world are significantly targeted by digital espionage operations that extensively aim to collect sensitive information about their communications and activities. The Tibetan diaspora faces many threats and challenges.

China has employed more range of cybersecurity, internet surveillance, data mining and censorship measures to control Internet Service Provider (ISP) and Internet Content Provider (ICP).  Regulation over internet access has grown more comprehensive, specific and extensive with the Ministry of Public Security gaining the overall responsibility for internet supervision. Chinese are using more shrewd ways of controlling opinion online.

In 2009 researches at the Information Warfare Monitor, a Canadian NGO[i], accused Chinese hacking groups of breaking into computers at CTA, in London, New York and Dharamshala. But now hacking has become more sophisticated and refined. The Chinese hacker has become nuanced and savvy.

When the Dalai Lama’s official Chinese language website was hacked and infected in 2013 it became a global news covered by BBC. Kaspersky, multinational cybersecurity and anti-virus provider says the CTA website has been under constant attack from the same group of hackers since 2011, but previous breaches have been quietly identified and repaired before attracting significant attention. Kaspersky Lab researcher Kurt Baumgartner[ii] says the hackers used a method known as a “watering-hole” attack. Infecting visitors’ computers with viruses in what may be an effort to spy on human rights activists who frequently visit the site.

Implications of the new Cybersecurity Law

The implementation of the cyber security law on June 1, 2017 accelerates the damage it could do for global trade in services. According to the new law, China seeks to require companies to store all data within China and pass security reviews, within China’s ethos of “cyber sovereignty’, the idea that states should be permitted to govern, monitor their own cyberspace, control incoming dataflow. The new law definitely intrudes upon individuals’ rights to freedom of expression, opinion and information. The new law also forces individuals’ to self-censor and restrict sharing images or videos that understood by the Chinese authorities might be deem politically subversive.

Cyber-attacks seek to corrupt, damage, or destroy information or systems, and the people who rely on them. The distributed denial of service (DDoS) attack and phishing relatively low cost tactics to gain access to other accounts. Malware attack, sent as email attachment, become a common threat experienced by Tibetans in diaspora. They are few others which are more sophisticated.

The hackers sent email with a malicious attachment in spear phishing by monitoring the contact details within the Tibetan community. Video cameras and microphones are often hacked to spy on activist groups.

Citizen lab, a leading watchdog for digital censorship and online suppression, has found in its research that the lab has uncovered vast electronic spying networks that compromised thousands of computers, including the office of the Dalai Lama’s[iii]

China has long denied their involvement in such operations.  Not only does it hack heavily, but it also employs around reportedly ranged from 500,000 to two million[iv], internet propagandists to write comments on the internet to safe guard the prestige of CCP. The root of the nickname the idea that the government pays 50 renminbi cents per pro-China post. The 50cent army uses more sophisticated techniques for gathering and analyzing massive amounts of data.

This is the critical challenge for Tibetans who seek to use the internet to enhance their efforts to articulate views on sensitive political, economic, social subjects and to counter Chinese government attempt to promote misconception among Tibetan exile community. They are many evidence which shows, that Chinese hackers have been spying on Tibetan groups in India for many years.

Tibetan activists, and reporters received training to improve “digital hygiene” on the production of digital files and keeping intact information systems against unauthorized access, modification or destruction. They are being trained by the Tibet Action Institute (TAI), which aims to combine the power of digital communication tools with strategic nonviolent action to build the strength and effectiveness of the world wide Tibet movement.

China the world worst abuser of Internet Freedom

Recent report by Freedom house titled “Freedom on the net 2017”[v] says China is the worst abuser of internet freedom for the third consecutive year.

Cyber security protects the data and integrity of computing assets belonging to or connecting to an organization’s network. Its purpose is to defend those assets against all threats throughout the entire life cycle of cyber-attacks. There are few evidences regarding the cases of Tibetans in Tibet who are detained and interrogated for violating the cyber security laws of China. Tibetans are summoned for political education workshops on China’s cyber security laws and regulations.

Hackers will always exploit the weakest link, and many attacks are easily preventable by performing basic security tasks.  China’s efforts to influence global internet policy is largely designed to legitimize and prevent other countries from complaining about China’s existing controls on freedom of expression.  The escalation of the Chinese government’s effort to neutralize critical online opinion comes after a series of ongoing anti-corruption campaign and its struggle against ethnic minority. These are organized or published on the Internet service.

The Environment and Development Desk (EDD) of the Tibet Policy Institute email ID was hacked several times, according to the head of EDD Mr Zamlha Tempa Gyaltsen. He said, “The official email is occasionally targeted by malware attacks.  Last year some unknown virus infected our computer and whatever mails we sent or received, unknowingly it bounced back and forwarded these automatically to another registered mail ID. This is a clear indication that our accounts were being watched and monitored.

Mr. Samdup Choephel an independent cyber security researcher based in Dharamshala said, “Many Tibetan NGOs’ lack professional web handlers, limiting their knowledge in updating their website and which opens greater possibilities for hackers to attack their websites. He further emphasises on keeping individuals’ computers’ operating system, applications and antivirus programs updated to ensure the latest security updates and patches. Installing pirated softwares is also a key concern for him.

Pirated softwares are cracked versions people may land up on potentially dangerous websites, which can infect your PC with adware, bots and even a ransomeware. When the device is infected, the malware sends out the sensitive information such as username, account number, password etc. to a third party. Apart from all these, it can also completely disable your PC.

Conclusions and recommendations

Cybersecurity is security standards which enable organizations to practice safe security techniques to minimize the number of cybersecurity attacks. They are designed to protect and safeguard computers, networks and data from unauthorized access.

The attacker’s primarily objective is to undermine the unity of Tibetans that are digitally connected. The hackers install surreptitious monitoring program on the computer and create fake ID’s to weaken the harmony of the community by  disrupting the ability of Tibetan exiles to circulating of free flow information and communicate through internet and deliberate exploit the computer systems. Tibetan Community should be aware that the systems are built to certain security standards, they should be properly trained to prevent cyber-attacks that target the disclosure of important job files.

Efforts to increase digital security awareness to the masses are important. Tibetan computer users should be educated not to open unsolicited attachment and suspicious links through emails. It’s obvious fact that Tibetans internet users in Tibet have expressed their indignation against the stringent surveillance, screening and blocking of information by the Chinese government. More and more people are equipping themselves to defend against cyber-attack and understand the imminent threat attached.

[i] accessed on 08/04/2018

[ii] 10/03/2018

[iii] 18/01/7018

[iv] 15/02/2018

[v] 06/05/2018



*Tenzin Dalha is a research fellow at the Tibet Policy Institute. Views expressed here do not necessarily reflect those of the Tibet Policy Institute.

Print Friendly, PDF & Email