Joined by 15 T-Rex dinosaurs, more than 200 people demonstrated in January of 2017 against the appointment of former ExxonMobil CEO Rex Tillerson for secretary of state, urging senators to #RejectRex. (Photo: Eman Mohammed/350.org)
'Exceptionally Troubling': Researchers Show Hack-for-Hire Operation Targeted Groups Fighting for Climate Action and Net Neutrality
"If the investigation demonstrates that Exxon is behind these attacks, it only shows how far the fossil fuel industry will go to silence critics."
The Canadian digital watchdog group Citizen Lab reported Tuesday that a hack-for-hire group targeted thousands of organizations around the world, including climate advocacy groups involved in the #ExxonKnew campaign.
Groups that have asserted ExxonMobil knew about and hid data linking fossil fuel extraction to the climate crisis for years were among those that faced phishing attempts by a group dubbed "Dark Basin" by Citizen Lab. According to the research, numerous progressive groups--including Public Citizen, Greenpeace, 350.org, and Oil Change International--were among those targeted.
After an extensive multi-year investigation, Citizen Lab reported that it has linked Dark Basin "with high confidence" to BellTroX InfoTech Services, a technology company based in India which has publicly stated its hacking capabilities.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know. However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services."
--Citizen Lab
In 2017 when Citizen Lab began its investigation, the group believed Dark Basin could be state-sponsored, but soon determined it was likely a hack-for-hire operation. Its targets--which also included journalists, elected officials, and digital rights groups that have lobbied for net neutrality--"were often on only one side of a contested legal proceeding, advocacy issue, or business deal."
The watchdog has not been able to definitively link Dark Basin's phishing efforts to particular entities which would have an interest in threatening the #ExxonKnew campaign and net neutrality advocates.
"That said, the extensive targeting of American nonprofits exercising their First Amendment rights is exceptionally troubling," wrote Citizen Lab in its report.
A global hack-for-hire scheme, Citizen Lab wrote, "is a serious problem for all sectors of society, from politics, advocacy, and government to global commerce," particularly because the targets have little recourse without a robust investigation by law enforcement.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know," the report reads. "However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services, especially given that Dark Basin's employees or executives are unlikely to be within the jurisdiction of their local law enforcement."
350.org responded to the report, noting that Citizen Lab's ongoing investigation could eventually uncover the fossil fuel industry's involvement. While acknowledging the evidence does not exist to directly implicate Exxon or any specific corporate actor behind the effort, the group said it would be deeply troubled to find out the company would behave in such a manner.
"If the investigation demonstrates that Exxon is behind these attacks, it only shows how far the fossil fuel industry will go to silence critics and avoid accountability for fueling climate change," said 350.org.
Net neutrality advocates are accustomed to seeing "an uptick in breach attempts whenever we're engaged in heated and high-profile public policy debates," Tim Karr of Free Press told CBC Tuesday. Free Press was targeted by Dark Basin in 2017 as President Donald Trump's FCC was working to repeal net neutrality rules.
"When corporations and politicians can hire digital mercenaries to target civil society advocates, it undermines our democratic process," Evan Greer, deputy director of digital rights group Fight for the Future, told CBC.
FINAL DAY! This is urgent.
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission from the outset was simple. To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It’s never been this bad out there. And it’s never been this hard to keep us going. At the very moment Common Dreams is most needed and doing some of its best and most important work, the threats we face are intensifying. Right now, with just hours left in our Spring Campaign, we're still falling short of our make-or-break goal. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Can you make a gift right now to make sure Common Dreams not only survives but thrives? There is no backup plan or rainy day fund. There is only you. —Craig Brown, Co-founder |
The Canadian digital watchdog group Citizen Lab reported Tuesday that a hack-for-hire group targeted thousands of organizations around the world, including climate advocacy groups involved in the #ExxonKnew campaign.
Groups that have asserted ExxonMobil knew about and hid data linking fossil fuel extraction to the climate crisis for years were among those that faced phishing attempts by a group dubbed "Dark Basin" by Citizen Lab. According to the research, numerous progressive groups--including Public Citizen, Greenpeace, 350.org, and Oil Change International--were among those targeted.
After an extensive multi-year investigation, Citizen Lab reported that it has linked Dark Basin "with high confidence" to BellTroX InfoTech Services, a technology company based in India which has publicly stated its hacking capabilities.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know. However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services."
--Citizen Lab
In 2017 when Citizen Lab began its investigation, the group believed Dark Basin could be state-sponsored, but soon determined it was likely a hack-for-hire operation. Its targets--which also included journalists, elected officials, and digital rights groups that have lobbied for net neutrality--"were often on only one side of a contested legal proceeding, advocacy issue, or business deal."
The watchdog has not been able to definitively link Dark Basin's phishing efforts to particular entities which would have an interest in threatening the #ExxonKnew campaign and net neutrality advocates.
"That said, the extensive targeting of American nonprofits exercising their First Amendment rights is exceptionally troubling," wrote Citizen Lab in its report.
A global hack-for-hire scheme, Citizen Lab wrote, "is a serious problem for all sectors of society, from politics, advocacy, and government to global commerce," particularly because the targets have little recourse without a robust investigation by law enforcement.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know," the report reads. "However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services, especially given that Dark Basin's employees or executives are unlikely to be within the jurisdiction of their local law enforcement."
350.org responded to the report, noting that Citizen Lab's ongoing investigation could eventually uncover the fossil fuel industry's involvement. While acknowledging the evidence does not exist to directly implicate Exxon or any specific corporate actor behind the effort, the group said it would be deeply troubled to find out the company would behave in such a manner.
"If the investigation demonstrates that Exxon is behind these attacks, it only shows how far the fossil fuel industry will go to silence critics and avoid accountability for fueling climate change," said 350.org.
Net neutrality advocates are accustomed to seeing "an uptick in breach attempts whenever we're engaged in heated and high-profile public policy debates," Tim Karr of Free Press told CBC Tuesday. Free Press was targeted by Dark Basin in 2017 as President Donald Trump's FCC was working to repeal net neutrality rules.
"When corporations and politicians can hire digital mercenaries to target civil society advocates, it undermines our democratic process," Evan Greer, deputy director of digital rights group Fight for the Future, told CBC.
The Canadian digital watchdog group Citizen Lab reported Tuesday that a hack-for-hire group targeted thousands of organizations around the world, including climate advocacy groups involved in the #ExxonKnew campaign.
Groups that have asserted ExxonMobil knew about and hid data linking fossil fuel extraction to the climate crisis for years were among those that faced phishing attempts by a group dubbed "Dark Basin" by Citizen Lab. According to the research, numerous progressive groups--including Public Citizen, Greenpeace, 350.org, and Oil Change International--were among those targeted.
After an extensive multi-year investigation, Citizen Lab reported that it has linked Dark Basin "with high confidence" to BellTroX InfoTech Services, a technology company based in India which has publicly stated its hacking capabilities.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know. However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services."
--Citizen Lab
In 2017 when Citizen Lab began its investigation, the group believed Dark Basin could be state-sponsored, but soon determined it was likely a hack-for-hire operation. Its targets--which also included journalists, elected officials, and digital rights groups that have lobbied for net neutrality--"were often on only one side of a contested legal proceeding, advocacy issue, or business deal."
The watchdog has not been able to definitively link Dark Basin's phishing efforts to particular entities which would have an interest in threatening the #ExxonKnew campaign and net neutrality advocates.
"That said, the extensive targeting of American nonprofits exercising their First Amendment rights is exceptionally troubling," wrote Citizen Lab in its report.
A global hack-for-hire scheme, Citizen Lab wrote, "is a serious problem for all sectors of society, from politics, advocacy, and government to global commerce," particularly because the targets have little recourse without a robust investigation by law enforcement.
"Many of Dark Basin's targets have a strong but unconfirmed sense that the targeting is linked to a dispute or conflict with a particular party whom they know," the report reads. "However, absent a systematic investigation, it is difficult for most individuals to determine with certainty who undertakes these phishing campaigns and/or who may be contracting for such services, especially given that Dark Basin's employees or executives are unlikely to be within the jurisdiction of their local law enforcement."
350.org responded to the report, noting that Citizen Lab's ongoing investigation could eventually uncover the fossil fuel industry's involvement. While acknowledging the evidence does not exist to directly implicate Exxon or any specific corporate actor behind the effort, the group said it would be deeply troubled to find out the company would behave in such a manner.
"If the investigation demonstrates that Exxon is behind these attacks, it only shows how far the fossil fuel industry will go to silence critics and avoid accountability for fueling climate change," said 350.org.
Net neutrality advocates are accustomed to seeing "an uptick in breach attempts whenever we're engaged in heated and high-profile public policy debates," Tim Karr of Free Press told CBC Tuesday. Free Press was targeted by Dark Basin in 2017 as President Donald Trump's FCC was working to repeal net neutrality rules.
"When corporations and politicians can hire digital mercenaries to target civil society advocates, it undermines our democratic process," Evan Greer, deputy director of digital rights group Fight for the Future, told CBC.