Kachin Independence Army soldiers guard an outpost in Northern Burma's Kachin-controlled region on January 31. Journalists who cover the conflict have been subject to email hacking attacks. (AP/Alexander F. Yuan)
Kachin Independence Army soldiers guard an outpost in Northern Burma's Kachin-controlled region on January 31. Journalists who cover the conflict have been subject to email hacking attacks. (AP/Alexander F. Yuan)

As censorship wanes, cyberattacks rise in Burma

Cyberattacks on news websites and apparent government hacking into journalists’ email accounts have raised new questions about the integrity of media reforms in Burma. The New York Times reported on Sunday that several journalists who regularly cover Burma-related news recently received warning messages from Google that their email accounts may have been hacked by “state-sponsored attackers.”

Burma-based Associated Press reporter Aye Aye Win and Thailand-based Swedish reporter Bertil Lintner both recently received the Google warnings, according to The New York Times report. Irrawaddy reporter Saw Yan Naing and Weekly Eleven News Journal Executive Editor Nay Htun Naing told CPJ that they, too, had recently been warned by Google that their accounts may have been compromised.

All of the journalists have reported on the armed conflict between ethnic guerillas and government forces in the country’s northern Kachin state, despite official attempts to bar reporting from the area. Weekly Eleven was the first local publication to report in late December that government forces had used air power against rebel positions–news that sparked international condemnation of the conflict’s escalation.

While President Thein Sein’s quasi-civilian administration has loosened restrictions on the press–for example, ending pre-publication censorship of newspapers and magazines last year–many local journalists and editors remain skeptical about his government’s commitment to press and Internet freedoms.

The Electronic Act, a law used to prosecute and jail journalists under the previous military junta, is still on the books and allows for seven- to 15-year prison terms for receiving or sending information over the Internet deemed a threat to state security, community peace and tranquility, or national solidarity.   

The Google warning said that “we believe that state-sponsored attackers may be attempting to compromise your account or computer” and “It’s likely that you received emails containing malicious attachments, links to malicious software downloads, or links to fake websites that are designed to steal your passwords or other personal information.” 

The warnings follow cyberattacks against independent local media. Weekly Eleven‘s website was hacked and temporarily disabled on January 15 and 16, according to a February 5 memorandum of complaint, addressed to the National Press Council and copied to Thein Sein, calling for an independent investigation into the attacks. The letter, written by Weekly Eleven Chief Editor Wai Phyo and reviewed by CPJ, said the hackers identified themselves as “Red Army Team.”  

The Voice, another local news publication, reported that anonymous hackers referring to themselves as “MMFC” and “Anonymous Myanmar” infiltrated and posted unsanctioned information to their Facebook page on February 4, according to the same memorandum.

Exile-run media groups like Irrawaddy and Democratic Voice of Burma have been hit in the past with anonymous distributed denial-of-service (DDoS) attacks that disabled their websites at crucial news junctures, such as during the 2007 government crackdown on Buddhist monk-led street protests. Government officials have consistently denied responsibility for those attacks.

This time, however, there are significant leads that a truly independent probe should actively pursue. In his complaint letter, Wai Phyo noted that the military-aligned Myanmar Express in reports on its website rightly predicted the cyberattacks against Weekly Eleven and had previously published the same information that was posted by hackers to The Voice‘s Facebook page.

“It is strongly suspected that the people representing Myanmar Express website seem to be some army officers with a hardline attitude and outlook who are collaborating with some department that is displeased with ongoing democratization,” Wai Phyo wrote.

Burma’s Ministry of Defense has chafed at critical reporting, saying in a rare public statement on January 29 that international organizations, embassies, and media were “fabricating news” about the Kachin conflict. If peeved army officials are indeed responsible for the recent cyberattacks, Thein Sein can make good on his reform vows by punishing them under the law while allowing the media to report freely on the conflict without fear of reprisal on the ground or in cyberspace.