The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. Learn more »

In Focus

Tibetan Uprising Day Malware Attacks

Hundreds of members of the Tibetan community are being targeted by email-based malware attacks that leverage the March 10 Tibetan Uprising anniversary as a theme. This report analyzes two March 10 related attacks. One using a new malware family we call MsAttacker , and another using the ShadowNet malware family and command and control infrastructure related to previous campaigns that targeted the Tibetan community.

Hacking Team Reloaded? US-Based Ethiopian Journalists Again Targeted with Spyware

The research findings documented in this report suggest that Hacking Team may have continued to provide updated versions of its spyware to the same attacker who have targeted ESAT journalists based in the United States in 2014, despite reports of use of the spyware against journalists.

Call for Proposals: Citizen Lab Summer Institute 2015

The Citizen Lab Summer Institute on Monitoring Internet Openness and Rights is a series of intensive research workshops hosted annually at the Munk School of Global Affairs, University of Toronto.

Research News

Some impressions on Internet advertiser security

In our blog post, we describe the results of tests we conducted to measure HTTPS support on the advertisers found on a sample of news websites as well as two sample lists of advertisers. We find a large disparity between our results and the the level of security support referred to in a recent post on the Internet Advertising Bureau’s website.

Ron Deibert on OpenCanada.org

Citizen Lab Director Ron Deibert authored an article entitled “Who Knows What Evils Lurk in the Shadows?” published on OpenCanada.org.

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

མི་མང་གི་ཚོགས་སྡེ་ཁག་ལ་རྒྱུན་མཐུད་པའི་གློག་ཀླད་ཀྱི་དྲ་འབུའི་རྒོལ་རྡུང་འཕྲད་བཞིན་པ།

Summary of our report, entitled “Communities @ Risk: Targeted Digital Threats Against Civil Society,” in the Tibetan language.

More Research...

Lab News

Jason Q. Ng on Apple accommodating Chinese demands

According to state media organization People’s Daily, Apple agreed to Chinese government “security checks.” Citizen Lab Research Fellow Jason Q. Ng expressed concern that this practice may set a trend of compliance to such demands amongst other firms.

Young Global Leaders names Morgan Marquis-Boire in Class of 2015

Citizen Lab Senior Security Researcher Morgan Marquis-Boire was named on the Young Global Leaders list for the Class of 2015, an organization headed by the World Economic Forum. The community is intended to provide the next generation of leaders with a platform to engage global affairs for positive change.

Chris Parsons on CSE targeting Canadians

In an article contributed to the National Post, Citizen Lab Postdoctoral Fellow Christopher Parsons explains that the activities of the Communications Security Establishment constitute spying on Canadians. Parsons summarizes several findings regarding the mandate and practices of the organization leaked over the last year and a half, many of which strongly undermine CSE’s claim that Canadians are not “targeted” by domestic security agencies.

FinFisher lawsuit to be heard in Pakistan’s Lahore High Court

The Lahore High Court in Pakistan is set to hear a case regarding the discovery of spyware suite FinFisher in the country. The lawsuit, brought by Cyber Steward Partner Bytes for All, contends that the government contravened the Privacy Act by indiscriminately spying on its citizens.

More Lab News...

Get Connected




Events