Foreverdays: tracking and mitigating threats targeting civil society orgs

Presented at VB2018, Oct. 3, 2018, noon (30 minutes)

The networks of people and groups defending human rights and civil liberties have connected much faster than they have secured themselves. The outcome is predictable: the powerful interests that these people challenge are striking back by sponsoring digital operations against them. This presentation will provide an overview of the resulting epidemic of digital threats. Some of these threats are sophisticated, and include zero-day exploits, custom kits, and government-exclusive spyware sold for millions of dollars. However, we will highlight research that shows that the majority of these threats don't advance far beyond the minimum necessary technical sophistication to get the job done. Phishing and Commodity Off The Shelf (COTS) malware, in other words, are the norm. These basic threats are successful, because they exploit human behaviour, and are the original 'forever day' vulnerability. Regardless of the level of sophistication, these threats can lead to very real harm to individuals, organizations, and social movements. We will draw from a decade of research on threats against civil society to show how the most damaging threats do not come from the most sophisticated threat actors. The security community has a tendency to focus on the newest, most sophisticated, and exotic threats. Phishing and RATs are 'boring'. Yet boring threats can do far more harm, on a much larger scale. Public health models can help us better frame our thinking on threats. Some of the biggest killers in the world are not exotic, high-profile diseases, but mundane illnesses, like malaria, and intestinal ailments. Through this talk we will argue that the threats to civil society groups are the canary in the coalmine, and encourage the security industry to re-calibrate the attention we give to the real, everyday killers.


  • John Scott-Railton - Citizen Lab   as John Scott Railton
    John Scott Railton @jsrailton
  • Masashi Nishihata - Citizen Lab
    Masashi Crete-Nishihata Masashi Crete-Nishihata is Research Director at the Citizen Lab, Munk School of Global Affairs, University of Toronto. His research focuses on information controls and their impact on human rights. Recent work and collaborations include investigations of targeted malware operations against civil society groups and journalists, and analysis of keyword-based censorship on WeChat.


Similar Presentations: