Home > Blog > Civil Society Must Get Up to Speed on Cyber Security, Watchdog Warns

Civil Society Must Get Up to Speed on Cyber Security, Watchdog Warns

August 1st, 2009

The International Development Research Centre (IDRC) has hosted a meeting where Rafal Rohozinski has highlighted the need for Information Security within NGO and Nonprofit organisations.

State-sponsored attacks that block websites and shut down mobile phone networks are increasingly being used to “disrupt the work of civil society at times when their input could be critical to political or social processes,” Rafal Rohozinski told a public meeting at the International Development Research Centre (IDRC).

Well-meaning groups working in the developing world also risk endangering the very individuals and communities they seek to help if they fail to get up to speed on information security in the digital era, he says.

At first glance, electronic spying might appear to be a cloak and dagger realm of little relevance to groups working in the field of international development. “Yet cyber security and cyber espionage have far-reaching implications for our work,” Rohozinski says.

In the past, traditional “signals intelligence” focused on intercepting communications — whether sent by telex, fax, phone, or mail — as they were in transit to their intended recipients. But the Internet has changed all that. Information can now be retrieved at source before it moves anywhere, and the cost of collecting it — using low-tech tools available to anyone — is minimal. It is now easy and cheap to vacuum up information, Rohozinski says — “and NGOs are more of a target than they were 15 years ago.”

Groups that collect data on vulnerable communities risk putting them in greater danger if the information is stolen, he says. Even seemingly benign documents, such as lists of meeting participants, could have strategic importance in the wrong hands.

“It’s important to recognize that as NGOs, particularly those that work with communities at risk, you are collecting information of a personal nature, which can be put to uses that are very different — in fact, antithetical — to the reasons you collect it,” Rohozinski says.

“There has to be discipline about what information you collect and how you hold and communicate it. But most NGOs and research organizations are poorly versed in information security — the level of awareness is abysmally low. Commercial off-the-shelf software won’t thwart this kind of attack.”

Oneworld Linked article – Civil Society Must Get Up to Speed on Cyber Security

Comments are closed.