Under cyber attack: an interview with Lobsang Sangay, Tibet’s exiled political leader

Photo: Wolfgang H. Wögerer, Vienna, Austria [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0) or CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons

Lobsang Sangay at a solidarity rally for Tibet in 2012 (Photo: Wolfgang H. Wögerer, Vienna, Austria [CC-BY-SA-3.0 or CC-BY-SA-3.0], via Wikimedia Commons)

When Lobsang Sangay arrived at his office on September 16 2011, he found it to be “in a very bad mood.” The atmosphere was chaotic and panicked, he remembers. “People were running from computer to computer.”

It was not, to say the least, what he had been expecting. Just a few weeks earlier, Sangay had become Tibet’s new political leader, taking over all political authority from the Dalai Lama after winning an election held among exiled Tibetans all across the world. It had been his first day in parliament in Dharamsala, where the Central Tibetan Administration (CTA) is based, and his entire cabinet had just been unanimously approved — a cause for celebration.

Yet that same day, a top-secret memo about an upcoming visit to the US had somehow been obtained from the government’s computers, and leaked into the public domain. “Everything was supposed to be very confidential, and the memo was only meant for three people in Washington DC,” Sangay tells Pao-Pao.

His assistants recommended cancelling the trip altogether. “It’s all out,” they told Sangay. “Nothing is a secret.” Their worries were not unwarranted. The Chinese government had started pressuring the American politicians listed in the memo to cancel their meeting with Sangay. Still, he pushed ahead. “I said: ‘We are going to Washington DC, on the same dates as described in the memo, and we are meeting with the same people as in the memo. That’s the only way we can respond to Beijing’s bullying.’”

Security upgrade

In the end, the visit went ahead as planned. But the attack was a shock to Sangay. “First of all, that Beijing is so capable of penetrating our computers that they can get at even our very confidential memos,” he says. “But also, that when I came back to the office, they were logging into every computer in the office and trying to shut it down, trying to track down which computer was affected with a virus and how they stole the secret memo. The whole place was shut down.”

It wasn’t the first time that the Tibetan administration had found itself under Chinese cyber attack. In 2008, the large-scale cyber spying operation Ghostnet managed to extract emails and other data from the CTA. Ghostnet also affected other Tibet-related organisations, as well as embassies and government organisations across the world. A year later, ShadowNet was employed, which researchers from the Infowar Monitor (IWM) at the University of Toronto called a form of “cyber espionage 2.0”.

The IWM researchers were able to establish that the hackers worked from within China, but they have been hesitant to link these hackers to the Chinese government due to a lack of direct evidence. However, an American cable released by Wikileaks describes a “sensitive report” that was able to establish a connection between the attackers’ location and the Chinese army.

The 2011 attack propelled Sangay to tighten the administration’s digital security. “At the time, there was a different mindset about it: ‘Oh, we can’t do much about it, Beijing can do whatever it wants,’” he recalls. Sangay, who was an outsider to Tibetan politics and had spent the sixteen years before he was elected at Harvard Law School, didn’t agree. “I thought that we could upgrade our security to a certain level. Now, even if we have a virus, it’s only on one computer, we can isolate it.”

But while the CTA’s office might no longer grind to a halt when a computer is infected, attacks have continued unabated. In 2012, a Chinese cyber attack infiltrated at least 30 computer systems of Tibetan advocacy groups for over ten months. In 2013, the CTA’s website Tibet.net was compromised in a so-called watering hole attack, which allows hackers to spy on and subsequently attack website visitors.

Greg Walton, an internet security researcher at Oxford University, is concerned at the growing number of these watering hole attacks. When they are combined with attacks that exploit software vulnerabilities, he argues that “there is essentially no defence for the end user, and no amount of awareness or training will mitigate the threat.”

Sangay does not believe that absolute security is possible. “Beijing is still, I am sure, trying to steal things. And I am sure they are successful, in some sense. But we also have to try to make it a little more difficult,” he says. “I assume my email is being read on a daily basis. The Pentagon, the CIA, multinational companies are all being hacked, and they are spending hundreds of millions to protect themselves.”

Sangay throws up his hands: “Poor me! My administration’s budget is around 50 plus million dollars. Even if I would spend my whole budget to protect my email account, that still wouldn’t be enough.”

No attachment, please

Sangay does believe that many problems can be avoided with a few basic precautions. He uses very long passwords for instance, and changes them often to prevent hacks of his own email account. And, he says: “You always have to follow Buddha’s message. What would Buddha say if you send him an email? ‘No attachment please!’” Sangay laughs. “One of the cardinal sins in Buddhism is attachment. Well, Buddha’s lessons, who said that 2,500 years ago, are still valid.”

Holding himself to “Buddha’s teachings” has prevented Sangay from getting his computer infected many times — although there have been some close calls. Take for example the time Time magazine’s editor Hanna Beech emailed him, a week prior to a scheduled interview in Dharamsala.

“She sent me the ten questions she would ask me. I found that very generous, journalists sending me questions ahead of time!” Sangay was about to download the attachment — but then he paused. “I grew a bit suspicious, so I decided to write back to her to ask if it was really her.” Beech said it wasn’t.

The attack was sophisticated, but not uncommon, Sangay says. “We get that on a daily basis, literally; some Tibetan support group or someone from our office sends an email that will contain a virus.”

Strengthening bonds

For the Tibetan government, digital communications have offered Chinese hackers a welcome point of attack. But Sangay also emphasises the positive sides of the internet: “Despite the [Great] Firewall, information breaks through, and is exchanged. That is happening, and that is not something that the Chinese government or any other government can prevent.”

He points to the 2008 protests in Tibet as one example. In the protests, which some dubbed “the cellphone revolution”, written reports, videos and photos from eyewitnesses were able to make their way to the rest of the world via mobile phones.

Additionally, the internet has allowed the Tibetan Central Administration in Dharamsala, home of about 100,000 Tibetans, to strengthen its bonds with the approximately 50,000 exiled Tibetans living elsewhere. Sangay says that the exile community — “scattered across some forty countries” — keeps in touch mainly through the internet.

“The internet has been very vital. The other day, I was speaking to Tibetans in Belgium. I asked them how many log in to Tibet.net, our website, and how many watch Tibetan online TV. About 40% raised their hands.” Tibetans from inside Tibet even manage to send Sangay “one-off messages” via Facebook from time to time. “Things like: ‘I wish you well’, from Facebook accounts that are immediately deleted.”

Dangerous, but helpful

Tibetans inside and outside of China now also communicate constantly via WeChat, but that is not without danger. A year ago, two monks in Tibet were arrested and jailed after posting pictures of self-immolations via the chat app. “Many say it’s very dangerous, because it’s an app by a Chinese company,” Sangay concedes. Still, he also considers it “very helpful and informative” as long as it is used to discuss safe topics.

The Tibetan administration consciously abstains from contacting Tibetans inside China “for fear that we might jeopardise them,” Sangay says. “We get a little less than 100,000 readers to our website every month, and we know many are from inside Tibet and China as well. We know it’s happening, but we really don’t make deliberate efforts [to contact them], and we also don’t keep track.”

Skyping with Woeser

Since Sangay was elected, it has been too risky for him to keep in touch with Tibetans in China via the internet. But before his election, like many others, he was in touch with those inside China almost every day. During his years at Harvard, he often Skyped with the famed Tibetan blogger and activist Tsering Woeser.

“It almost became an everyday ritual. I would go to the office, and then at a particular time I would log on and we would talk for half hour or more. Because her Tibetan wasn’t good, I became her unpaid, amateur Tibetan language teacher.” Sangay laughs as he recalls Woeser’s unsuccessful attempts to crack jokes in her — at the time — mediocre Tibetan.

Unfortunately, Sangay says he “had to stop talking to her for fear that I might endanger her”. But he still admires her work: “She is a good source of information. She compiles information from inside and shares with the rest of the world. She is very bold.” He considers bloggers like her an invaluable resource for those who want to know what life in Tibet is really like.

So will the internet ultimately be a force for good or evil? Sangay doesn’t know. “It all depends on who uses it. For good, if more good people use it.” On the one hand, he is in awe at how nowadays “in zero seconds, at almost zero cost, you can send vast volumes of information”. But he worries about the security side of the internet. “Ultimately, the [power] dynamic is so asymmetrical. One has wealth, and control over access to stronger and better technology, and one doesn’t.”

That, of course, is a power dynamic that the Tibetan leader has long ago gotten accustomed to. “I think the David and Goliath battle will go on, even on the internet,” Sangay says. “Ultimately, if David will prevail, we will have to see.”

This article is also available in Chinese at Pao-Pao.net

This article was posted on 10 November at indexoncensorship.org with permission from Pao-Pao.net

Stricter and subtler: how China has ramped up instant messaging censorship


(Image: Screengrab from linecorp.com/en/)

The instant messaging app LINE has strengthened its censorship methods in mainland China, according to new findings from the Citizen Lab at the University of Toronto. The academic researchers not only found proof that the app now censors more topics than ever before, but also that LINE is censoring in a way that is harder to detect for the average user.

Want to discuss the China’s ruling Communist Party (CPC) with your friends on LINE? Go ahead. Compare foreign leaders to dictators? No problem, chat away. Unless you mention both the CPC and dictatorship in one chat message, you won’t notice LINE’s new censorship policy. That’s because LINE recently “improved” its censorship methods in China by adding almost fifty so-called regular expressions to its long list of taboo subjects; that is, groups of words that users are allowed to use independently, but not in combination.

The findings are interesting because LINE’s novel use of regular expressions allows a more subtle form of censorship, argues Jason Q. Ng, one of the researchers at the University of Toronto. “It allows for a more nuanced censorship for topics such as Xinjiang, instead of just a blanket block,” he told Pao-Pao over the phone, referring to the western province which has long been plagued by tensions between Chinese authorities and the indigenous Uighur people.

That’s positive for the authorities, he explains: “If you hide a smaller set of things, less people will encounter censorship than if you block everything related to a certain topic. Many people might want to speak in a so-called ‘legitimate’ way on a topic like Xinjiang, so if [the censors] block everything related to the topic, it will just make those people curious about the censorship, and the reasons behind its existence.”

Ng says that he thinks that the new method of censorship will only hinder the small minority of people already aware of the existence of censorship. One of the new, blocked combinations of words on LINE includes “Xinjiang”(新疆)and “independent” (獨立). Similar censorship techniques have already been implemented on Weibo, also known as Chinese Twitter.

There’s a whimsical name for the phenomenon that the Chinese authorities are trying to avoid with these new techniques: the Streisand effect, after American singer Barbara Streisand. In 2003, she attempted to suppress photographs of her residence in Malibu, California by suing a photographer. The lawsuit ended up inadvertently generating a storm of publicity: whereas only six people had viewed the photographs before the lawsuits — two of which were her attorneys — the case caused 420,000 people to look up the photos within the month.

But it is a serious principle, as demonstrated earlier this month, during the protests in Hong Kong which were in a sense also a prime example of the dreaded Streisand effect. After a few students were teargassed by the police in an effort to suppress their protest, local outrage and support only swelled, resulting in a much higher turnout at demonstrations on the following days.

The Citizen Lab researchers have been tracking and analyzing LINE’s censorship for close to a year. They have reverse engineered the application, finding that when the user’s country is set to China it will enable censorship by downloading a list of banned words from a website called Naver. Whenever the list is updated, they study the differences compared to previous lists.

In a post on their website, Citizen Lab also show users how they can change their regional settings, allowing them to circumvent censorship on LINE within China.

In Citizen Lab’s report on the new methods, the researchers conclude that the new list “demonstrates LINE Corporation’s continued commitment to filtering keywords for users based in China and a push to improve the underlying technology”.

Still, Jason Q. Ng says that it is hard to say whether LINE’s censorship is better or worse than other chat apps like WeChat. “For LINE it is easier to see the exact way they censor,” he says. “Normally we can’t do that: we have to test the app word by word. We are still working on WeChat. Also, it depends on the way you measure: some apps might censor less, but have the ability to surveil a lot. That might be worse for the users.”

This article was originally published at pao-pao.net