Hong Kong Activists Organize, Prepare for Online Attacks

By Haggen So and translated by Liu Heng. This article originally published on inmediahk.net.

Many civic groups and online media in Hong Kong have been attacked by hackers over past two years. The best known case took place in March last year with an attack on a platform hosted by Hong Kong University Public Opinion Programme (HKU POP). This happened shortly after HK POP held mock elections for the office of the SAR Chief Executive (CE) or city mayor [in which CE Leung Chun-ying won only 17% of the vote]. Most recent hacking incidents have been political in nature.

As the government will soon present the draft of the political reform proposal on the arrangement of CE election in 2017, HKU POP will again conduct a public opinion survey which serves as a mock referendum on the political reform proposal.

Meanwhile, civil society groups are preparing to launch a collective civil disobedient action to Occupy Central in July 2014 , to advocate for a genuine universal suffrage and against the manipulation of candidate nomination. It is anticipated that malicious hacking of civic groups, activists communications and citizen media will surge approaching July.

Forum speakers: Ben Chang, Jazz Ma and Sang Young.

Forum speakers: Ben Chang, Jazz Ma and Sang Young.

To address the issue, Hong Kong In-Media, an independent and citizen media advocacy group, hosted a forum on October 4 featuring local IT experts who explained the nature of online attacks in Hong Kong and discussed the potential for building a tech activist team to support local civic groups and activists.

The hacking of HKU POP

What the public appears to be most concerned about is whether the HKU POP computer system will encounter another round of hacking in the 2014 civic referendum project. Jazz Ma, HKU POP IT manager, explained the situation of the hacking of mock universal suffrage in March 2012:

Several days before the voting, a number of e-mail accounts related to the civic referendum project had received messages with attachment that inflicted with Trojan Horse, a hacking program. Subsequently the password of some accounts was changed. On March 21st, we first tested the voting system in among local universities and the HKU Computer Centre informed us that there had been millions of network packets trying to access to HKU server. Fortunately the HKU firewall had blocked most of the malicious packets. On March 23rd, we found out that that some hackers had written programmes to log-in the voting system repeatedly and thus caused the server to overload.

The attack that HKU POP encountered is known as a Distributed Denial of Service attack (DDoS). Sang Young, a senior information security expert, explained to the audience the nature of a DDoS attack: “DDoS attackers make use of a third party's personal computers and cloud servers as ‘zombies’ to attack the target server. The aim is to cripple the websites.” Apart from DDoS, falsification of data in sites to mislead users is also a common hacking activities in Hong Kong, Young said. Most of the hacking activities involve either commercial or political interests.

Concerns about privacy

HKU POP reported the hacking incident to the police and a suspect was quickly arrested on March 24. On the next day, the police returned HKU to collect the evidence by cloning all data in the server.

Salon host Michelle Fong immediately interrupted and asked: “Will cloning result in a leak such as the voters personal information and voting intentions? Will there be a risk of prosecution if the server contains a child pornography photograph?”

Sang Young, who has police training experiences explained that in general, when it comes to criminal investigation, the police copy all the contents on the server in question, but only for specific cases. It is impossible to use the contents for prosecution directly even if they involve child pornography. As for civil disputes and investigation, corporates will ask the third party to sign a confidential document that ensures all data will be destroyed after the investigation. However, as many online platforms now are using cloud servers, the police cannot clone the server and will only ask for a log sheet.

Building a local tech activist community

As social action depends more and more on online communication, strong support from technology community is necessary. Michelle Fong pointed out that there are various organizations abroad such as Tactical Technology Collective or civic web hosting services such as Nearly Free Speech to provide support for civic groups, while in Hong Kong, such a technical community has yet to emerge.

Ben Cheng believed that the civic sector has yet to recognize the important role of technology in social movements and few organizations are willing to pull together resources to support the work of tech activists. “If each individual is willing to donate $1 and the mass is big enough, we can develop new tools for social activism and security protection. But people do not find [this] kind of work important.”

However, inmediahk.net and Global Voices Online editor Oiwan Lam believed that the technical community should take an active role in social incident like the upcoming Occupy Central campaign and demonstrate to the public that technology can make a difference to social mobilization.

We [have] yet to solve many communication problems. For example, every year during the June 4 candle light vigil, the mobile networks are jammed and people cannot upload information to social media. What if our telecommunication service collapses during the Occupy Central campaign? Ordinary people don't know how to deal with the problem, but the technical community can take initiative to draw up [a] strategic plan.

Soon after the above question was raised, the IT experts immediately came up with the idea of adopting the Serval Mesh App from Android platform to set up a communication network. Participants agreed that a common platform for dialogue and brainstorming among social activists and technical experts is crucial for building a local tech activist community.


Join the conversation

Authors, please log in »


  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.