BIRN Investigates Seizure of E-Mail Account Amid Cyber-Intimidation Campaign

Posted on

BIRN is investigating the circumstances in which the security of an official e-mail account was compromised to send a malicious communication.

Photo: BIRN

A malicious email sent from the compromised BIRN Applications account contained false claims and disinformation about the organisation.

BIRN became aware of the breach after the e-mail was shared with staff and partner organisations, and leaked to regional media on May 12.

BIRN swiftly regained full control of the account after learning of the breach.

The organisation has launched a review of its cyber-defences following a month-long campaign aimed at damaging its reputation and intimidating its employees.

The campaign has been spreading disinformation and defamatory falsehoods from anonymous e-mail accounts.

The identity of the attacker or attackers is not known. The attacks appear to be from disgruntled employees and the organisation is investigating signs that they may have been co-ordinated with external actors.

The attacks have so far targeted BIRN’s regional hub and its director. There are indications that the campaign is being broadened to target the network’s country offices.

BIRN urges any partner organisations, donors and media outlets that receive these e-mails to treat them for what they are: an attempt to undermine the organisation’s work through the anonymous dissemination of lies and disinformation.

BIRN’s leadership and staff remain committed to producing the journalism on which the organisation has built its reputation.

“BIRN as an organisation, and its journalists individually, have been targeted many times in the past,” Milka Domanovic, the regional director, said. “We remain committed to producing quality journalism and this campaign will not distract us from our mission.”

Background

The anonymous e-mails have claimed to speak on behalf of discontented employees and purported “whistleblowers”.

BIRN journalists adhere to strict editorial standards when dealing with genuine whistleblowers, by seeking to verify their claims and safeguarding anonymity where this is requested or required. The claims made in this instance are demonstrably false.

BIRN encourages communication through well-established internal channels to address staff grievances. The organisation’s independent oversight committee, or Assembly, has also reminded staff that they can share any complaints with it, anonymously or otherwise.

Last Friday, an anonymous e-mail claimed that employees at the organisation were taking part in a day-long “strike”. However, there has been no evidence of a strike having been organised, or of any employees taking part in it. BIRN operations on the day continued without disruption.

“For the last four weeks, a campaign conducted via anonymous e-mail accounts has been broadcasting malicious falsehoods about the organisation and its leadership to its partner organisations and the regional media,” Tim Judah, the president of BIRN’s Assembly, said.

“The campaign has attacked the organisation’s governance bodies while bypassing official channels for making complaints. It has claimed a strike was taking place within the organisation, when there was no evidence of any such action. The anonymous attacker or attackers claim to be speaking in the best interests of the organisation. This claim must be treated with the scepticism it deserves,” Judah added.