The Canadian SIGINT Summaries includes downloadable copies, along with summary, publication, and original source information, of leaked CSE documents.

Citizen Lab Director Ron Deibert wrote an article entitled “The Geopolitics of Cyberspace after Snowden,” [pdf] published in the January 2015 edition of Current History, a journal of contemporary world affairs.

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

In an article published on openDemocracy.net, Citizen Lab Senior Legal Advisor Sarah McKune writes about the digital threats that civil society organizations (CSOs) face in carrying out their work, which undermine their privacy and compromise sensitive information. “To address this problem we must expand the terms and scope of the debate, exploring the link between the right to privacy and access to digital security more fully,” said McKune.

Contained are links to a set of 9,054 sensitive Chinese keywords, which combine 13 existing lists. These keywords may be helpful to researchers who are searching for censored content in Chinese or testing for network interference.

In an op-ed on OpenCanada.org, Citizen Lab Director Ron Deibert argues that law enforcement and intelligence agencies such as the US’s NSA, UK’s GCHQ and Canada’s CSE must be highly accountable, transparent to democratically elected representatives, and unleashed to act only in tightly circumscribed way, in order to protect the liberal democratic society in which we live.

This post provides a summary of early findings associated with Canadians creating right to information requests using the Access My Info tool. It discusses several themes emergent from an analysis of company responses to such requests.

At USENIX Security 2014 Citizen Lab researchers presented two papers on targeted threats against civil society communities as part of a dedicated session on the topic entitled Tracking Targeted Attacks against Civilians and NGOs.

This report provides a detailed analysis of two products sold for facilitating targeted surveillance known as network injection appliances. These products allow for the easy deployment of targeted surveillance implants and are being sold by commercial vendors to countries around the world. Compromising a target becomes as simple as waiting for the user to view unencrypted content on the Internet.

While there has been much discussion about the use of software described as ‘implants’ or ‘backdoors’ to perform targeted surveillance, this report is about the less well understood method by which most targeted surveillance is delivered: network injection.