Government-sanctioned attacks against activists, journalists, and opposition politicians who expose corruption and abuse in repressive regimes are on the rise, according to a new report on internet freedom released Tuesday by an American pro-democracy group.
Freedom House detected cyberattacks against regime critics in 34 of the 65 countries studied in its 2017 Freedom on the Net report, marking a nearly 40 percent increase from 2016.
Regimes or associated actors are increasingly taking out independent blogs and news sites by deploying a common method of cyber attack known as a distributed denial-of-service (DDoS) strike—the use of networked, hijacked computers to flood websites with data requests that overwhelm the sites and disrupt or shut down their operations. The report found instances of government-backed DDoS attacks in 18 countries, many of which were backed by the government, including in Bahrain, Azerbaijan, Mexico, and China.
Governments, along with non-state actors, have also increasingly turned to bots to manipulate online discussions and drown out dissidents on social media platforms.
In Mexico, for example, the study observed roughly 75,000 automated accounts, or bots, that were employed over the past year to overwhelm political opposition on Twitter. Anytime a new hashtag emerged to draw attention to the corruption scandal enveloping the government of President Enrique Peña Nieto, government backers would deploy bots to bury the antigovernment hashtags with irrelevant posts.
Cyberattacks have become more common in part because of the "increased availability of relevant technology, which is sold in a weakly regulated market," along with poor security practices by those targeted, the report said.
"The relatively low cost of cyberattack tools has enabled not only central governments but also local government officials and law enforcement agencies to obtain and employ them against their perceived foes," the group continued.
Regimes and non-state actors have also hacked the devices of journalists or activists to steal private data or monitor their online activities, which can have a chilling effect on the work of those criticizing the government.
Human rights organizations in Egypt were targeted this past year in a large-scale phishing scheme in which hackers fooled activists into loading ransomeware by clicking on a fraudulent internet link sent by email.
Seven human rights groups currently on trial in the country received over 90 phishing attempts in a coordinated plot to steal sensitive information, according to the report. It is unclear whether the government was involved in the scheme.
The report said activists and journalists are often ill-prepared to protect against technical attacks, which currently represent the second-most common form of internet control, behind arrests of users for dissident political or social content.
Many of these attacks also go unreported, particularly when victims fear retribution for speaking out or a government lacks a clear channel to document such incidents.