Accessibility links

Tibetan Exiles Accuse Chinese of Cyber-Attacks

  • Kurt Achin

By mobile phone, Internet and shortwave radio, Tibetan exiles maintain a constant watch on their friends, contacts and relatives living in Tibet under Chinese control. China's increasingly sophisticated ability to conduct cyber-warfare is making the task more challenging, and pushing Tibetan exiles to develop training programs for keeping themselves secure online.

Kanyak Tsering is an exiled Tibetan monk. He belongs to a Dharamsala, India-based branch of the Kirti monastery, a Buddhist compound across the Chinese border that has been under a lockdown by security forces for months.

VOA's Tibetan language division was recently able to obtain video images of the Kirti compound, where a young monk immolated himself in March to protest what many Tibetans view as China's deliberate eradication of Tibet's traditional Buddhist culture.

He says all the monks in the monastery are forced to attend the patriotic re-education sessions, and Chinese officials tell the monks that if they don’t attend, they will be expelled from the monastery. In a few cases, he says, monks have tried to hide and were expelled as a result.

For months, Kanyak has had to step into the role of a spokesperson for the Kirti monastery, using every technological tool at his disposal. China closely tracks any communication between Tibet and Dharamsala, where Tibetan exiles have had their unofficial capital for more than 50 years. China views the small Indian city as the headquarters for a separatist movement. So, information flows have to be indirect.

"I get information in various ways - over the Internet using e-mails, websites, chat rooms, and Skype. Sometimes I make contact through mobile phones when Tibetans phone other Tibetan exiles they know," said Kanyak.

As he speaks to VOA, Kanyak receives a phone call. A contact says he has received an email appearing to be from Kanyak, but with a peculiar attachment. When Kanyak traces the email, he finds it has originated from an Internet address in China.

He says he can't say this or that individual is directly responsible, but that it is clear to him the Chinese Government is involved.

Greg Walton is an independent researcher who advises the Tibetan exile administration on security. He agrees that the email was probably a product of the Chinese government's increasingly vast cyber-offensive capability.

"What is intriguing is that often we'll see that the same command-and-control servers which are going after the big defense contractors, and stealing details of stealth bombers, or going after the big financial houses in New York - the same command-and-control servers are going after monks in Dharamsala," said Walton.

Cyber attacks are cleverly worded to convince recipients to click on a link, or open an attachment, which implants malware on the recipient's computer, giving digital eavesdroppers wide-ranging access.

Walton says a monk like Kanyak is a highly valuable target. "Such a person is going to have a rich social graph, from the attacker's point of view," added Walton. "Someone like that is very trusted, and if the Chinese are sending out emails from that account, it raises the probability that someone is actually going to trust the attachment and open."

Activist Tibetan exiles are stepping up efforts to train Tibetans about cyber security. Much of the material is in English, so the first task is translation.

Lobsang Gyatso teaches Tibetans who plan to re-enter Chinese-controlled areas about Tor, a network of volunteer routers that helps users hide their location and identity from repressive governments.

"What we have is a USB Tor. Which you can just carry in a pen drive and you use it wherever you want. So you have complete anonymity, and at the same time you are able to circumvent the Chinese firewall," Lobsang explained.

The strategy entails risk for those carrying the pen drives back into Chinese-controlled Tibet. Activists also warn that even though tools like Tor are effective, China's massive investments in cyber security mean no user is guaranteed 100 percent safety from watching eyes.

XS
SM
MD
LG