Under cyber attack: An interview with Lobsang Sangay, Tibet's exiled political leader
Tibet's leader-in-exile discusses his Buddhist approach to digital security, and why he still holds hope for the future of the internet
When Lobsang Sangay arrived at his office on September 16 2011, he found it to be "in a very bad mood." The atmosphere was chaotic and panicked, he remembers. "People were running from computer to computer."
It was not, to say the least, what he had been expecting. Just a few weeks earlier, Sangay had become Tibet's new political leader, taking over all political authority from the Dalai Lama after winning an election held among exiled Tibetans all across the world. It had been his first day in parliament in Dharamsala, where the Central Tibetan Administration (CTA) is based, and his entire cabinet had just been unanimously approved - a cause for celebration.
Yet that same day, a top-secret memo about an upcoming visit to the US had somehow been obtained from the government's computers, and leaked into the public domain. "Everything was supposed to be very confidential, and the memo was only meant for three people in Washington DC," Sangay tells Pao-Pao.
His assistants recommended cancelling the trip altogether. "It's all out," they told Sangay. "Nothing is a secret." Their worries were not unwarranted. The Chinese government had started pressuring the American politicians listed in the memo to cancel their meeting with Sangay. Still, he pushed ahead. "I said: 'We are going to Washington DC, on the same dates as described in the memo, and we are meeting with the same people as in the memo. That's the only way we can respond to Beijing's bullying.'"
In the end, the visit went ahead as planned. But the attack was a shock to Sangay. "First of all, that Beijing is so capable of penetrating our computers that they can get at even our very confidential memos," he says. "But also, that when I came back to the office, they were logging into every computer in the office and trying to shut it down, trying to track down which computer was affected with a virus and how they stole the secret memo. The whole place was shut down."
It wasn't the first time that the Tibetan administration had found itself under Chinese cyber attack. In 2008, the large-scale cyber spying operation GhostNet managed to extract emails and other data from the CTA. GhostNet also affected other Tibet-related organisations, as well as embassies and government organisations across the world. A year later, ShadowNet was employed, which researchers from the Infowar Monitor (IWM) at the University of Toronto called a form of "cyber espionage 2.0".
The IWM researchers were able to establish that the hackers worked from within China, but they have been hesitant to link these hackers to the Chinese government due to a lack of direct evidence. However, an American cable released by WikiLeaks describes a "sensitive report" that was able to establish a connection between the attackers' location and the Chinese army.
The 2011 attack propelled Sangay to tighten the administration's digital security. "At the time, there was a different mindset about it: 'Oh, we can't do much about it, Beijing can do whatever it wants,'" he recalls. Sangay, who was an outsider to Tibetan politics and had spent the sixteen years before he was elected at Harvard Law School, didn't agree. "I thought that we could upgrade our security to a certain level. Now, even if we have a virus, it's only on one computer, we can isolate it."
But while the CTA's office might no longer grind to a halt when a computer is infected, attacks have continued unabated. In 2012, a Chinese cyber attack infiltrated at least 30 computer systems of Tibetan advocacy groups for over ten months. In 2013, the CTA's website Tibet.net was compromised in a so-called watering hole attack, which allows hackers to spy on and subsequently attack website visitors.
Greg Walton, an internet security researcher at Oxford University, is concerned at the growing number of these watering hole attacks. When they are combined with attacks that exploit software vulnerabilities, he argues that "there is essentially no defence for the end user, and no amount of awareness or training will mitigate the threat."
Sangay does not believe that absolute security is possible. "Beijing is still, I am sure, trying to steal things. And I am sure they are successful, in some sense. But we also have to try to make it a little more difficult," he says. "I assume my email is being read on a daily basis. The Pentagon, the CIA, multinational companies are all being hacked, and they are spending hundreds of millions to protect themselves."
Sangay throws up his hands: "Poor me! My administration's budget is around 50 plus million dollars. Even if I would spend my whole budget to protect my email account, that still wouldn't be enough."
No attachment, please
Sangay does believe that many problems can be avoided with a few basic precautions. He uses very long passwords, for instance, and changes them often to prevent hacks of his own email account. And, he says: "You always have to follow Buddha's message. What would Buddha say if you send him an email? 'No attachment please!'" Sangay laughs. "One of the cardinal sins in Buddhism is attachment. Well, Buddha's lessons, who said that 2,500 years ago, are still valid."
Holding himself to "Buddha's teachings" has prevented Sangay from getting his computer infected many times - although there have been some close calls. Take for example the time Time magazine's editor Hannah Beech emailed him, a week prior to a scheduled interview in Dharamsala.
"She sent me the ten questions she would ask me. I found that very generous, journalists sending me questions ahead of time!" Sangay was about to download the attachment — but then he paused. "I grew a bit suspicious, so I decided to write back to her to ask if it was really her." Beech said it wasn't.
The attack was sophisticated, but not uncommon, Sangay says. "We get that on a daily basis, literally; some Tibetan support group or someone from our office sends an email that will contain a virus."
For the Tibetan government, digital communications have offered Chinese hackers a welcome point of attack. But Sangay also emphasises the positive sides of the internet: "Despite the [Great] Firewall, information breaks through, and is exchanged. That is happening, and that is not something that the Chinese government or any other government can prevent."
He points to the 2008 protests in Tibet as one example. In the protests, which some dubbed "the cellphone revolution", written reports, videos and photos from eyewitnesses were able to make their way to the rest of the world via mobile phones.
Additionally, the internet has allowed the Central Tibetan Administration in Dharamsala, home of about 100,000 Tibetans, to strengthen its bonds with the approximately 50,000 exiled Tibetans living elsewhere. Sangay says that the exile community - "scattered across some forty countries" - keeps in touch mainly through the internet.
"The internet has been very vital. The other day, I was speaking to Tibetans in Belgium. I asked them how many log in to Tibet.net, our website, and how many watch Tibetan online TV. About 40% raised their hands." Tibetans from inside Tibet even manage to send Sangay "one-off messages" via Facebook from time to time. "Things like: 'I wish you well', from Facebook accounts that are immediately deleted."
Dangerous, but helpful
Tibetans inside and outside of China now also communicate constantly via WeChat, but that is not without danger. A year ago, two monks in Tibet were arrested and jailed after posting pictures of self-immolations via the chat app. "Many say it's very dangerous, because it's an app by a Chinese company," Sangay concedes. Still, he also considers it "very helpful and informative" as long as it is used to discuss safe topics.
The Tibetan administration consciously abstains from contacting Tibetans inside China "for fear that we might jeopardise them," Sangay says. "We get a little less than 100,000 readers to our website every month, and we know many are from inside Tibet and China as well. We know it's happening, but we really don't make deliberate efforts [to contact them], and we also don't keep track."
Skyping with Woeser
Since Sangay was elected, it has been too risky for him to keep in touch with Tibetans in China via the internet. But before his election, like many others, he was in touch with those inside China almost every day. During his years at Harvard, he often Skyped with the famed Tibetan blogger and activist Tsering Woeser.
"It almost became an everyday ritual. I would go to the office, and then at a particular time I would log on and we would talk for half an hour or more. Because her Tibetan wasn't good, I became her unpaid, amateur Tibetan language teacher." Sangay laughs as he recalls Woeser's unsuccessful attempts to crack jokes in her — at the time — mediocre Tibetan.
Unfortunately, Sangay says he "had to stop talking to her for fear that I might endanger her". But he still admires her work: "She is a good source of information. She compiles information from inside and shares with the rest of the world. She is very bold." He considers bloggers like her an invaluable resource for those who want to know what life in Tibet is really like.
So will the internet ultimately be a force for good or evil? Sangay doesn't know. "It all depends on who uses it. For good, if more good people use it." On the one hand, he is in awe at how nowadays "in zero seconds, at almost zero cost, you can send vast volumes of information". But he worries about the security side of the internet. "Ultimately, the [power] dynamic is so asymmetrical. One has wealth, and control over access to stronger and better technology, and one doesn't."
That, of course, is a power dynamic that the Tibetan leader has long since grown accustomed to. "I think the David and Goliath battle will go on, even on the internet," Sangay says. "Ultimately, if David will prevail, we will have to see."
This article was posted on 10 November at indexoncensorship.org with permission from Pao-Pao.net.