Digital security tips and resources for journalists

نوشته Sherry Ricchiardi
Oct 30, 2018 در Digital and Physical Safety

In today’s digital world, spying on journalists has never been easier.

With the click of a mouse, high-tech stalkers can intercept mobile phone conversations, emails, text messages and satellite transmissions. Once infected with malware, a computer transmits keystrokes and passwords back to whoever controls it. In the hands of pros, the device becomes an espionage tool.

Attacks might come from intelligence agencies, criminal cartels or terrorist groups that monitor media activities. Governments may use it to silence or punish critics.

For journalists anywhere in the world, a digital security plan is the first line of defense.

What are some of the best practices and how successful are they? Where should neophytes begin? Where can the tech savvy go to gain new skills?

“There’s stuff out there that is not hard to use. A lot is common sense,” says Steve Doig, who conducts workshops on “Spycraft: Keeping your sources private” at Investigative Reporters and Editors (IRE) conferences. He calls Edward Snowden’s exposé of government snooping in June 2013 “a wake-up call.”

“When I began doing digital safety talks at IRE in 2007, five to 10 people showed up. Two weeks after the Snowden story broke, my spycraft session ... drew an audience of 80, all seats filled, walls lined and people sitting in the aisles,” says Doig, the Knight Chair in Computer-Assisted Journalism at Arizona State University.

Doig advises reporters to pinpoint how they could be leaving an electronic trail, then devising ways to protect information. Assess the risk to your source. Who wants your source’s identity? What are their capabilities? Discuss security with sources. Consider low-tech, face-to-face meetings if electronic communication is too risky.

For those willing to invest the time, help is out there. IJNet reviewed free, easy-to-access tips and tutorials that can help jump-start the process:

Electronic Frontier Foundation (EFF)’s “Surveillance Self-Defense” provides step-by-step guides for those just getting their feet wet. There are more sophisticated versions for security veterans who operate in the world’s riskiest places.

The security starter pack is designed to “help you discover how to assess your personal risk, protect your most cherished communications and information and start thinking about incorporating privacy-enhancing tools into your daily routine,” EFF states on its website. Among topics for beginners:

·  Choosing your tools
·  Protecting yourself and social networks
·  Introduction to threat modeling
·  Communication with others
·  Creating strong passwords
·  What is encryption?

Learning how to assess threats is a common thread in EFF tutorials. Five questions journalists should ask themselves:

  1. What do you want to protect? “For example, your emails, contact lists, instant messages and files are all assets. Your devices are also assets.”

  2. Who do you want to protect it from? “Examples of potential adversaries are your boss, the government or a hacker on a public network.”

  3. How likely is it that you will need to protect it? “Write down a list of data that you keep, where it’s kept, who has access to it and what stops others from accessing it. Make a list of who might want to get ahold of your data or communications.”

  4. How bad are the consequences if you fail? “There are numerous ways that an adversary can threaten your data. An adversary can read your private communications as they pass through the network, or they can delete or corrupt your data.”

  5. How much trouble are you willing to go through to try to prevent this? Conducting a risk analysis involves “calculating the chance that threats might succeed, so you know how much effort to spend defending against them ... and deciding which threats to take seriously.”

Check out EFF’s seven basic steps to digital security. Information is posted in 10 languages, including Russian, Arabic, Vietnamese and Portuguese.

Among other useful resources: “Security in a Box,” a project of Front Line Defenders and Tactical Technology Collective, provides a how-to manual on general safety tips and step-by-step guide to information for beginners and veterans. One section walks users through installing Spybot, software that can detect and destroy different kinds of malware, adware and spyware from computers. Translations in Arabic, Russian, French, Spanish, Vietnamese, Chinese, Farsi, Burmese and Tibetan can be downloaded as a PDF.

Freedom of the Press Foundation’s infographic lists eight steps journalists can take to secure mobile phones. There also are tips on securing email and choosing safer passcodes.

The Committee to Protect Journalists addresses cybersecurity as part of its Journalism Security Guide.

Reporters Without Borders publishes an Online Survival Kit, available in five languages.

Digital First Aid Kit is a guide published by a dozen media-related NGOs, including Free Press Unlimited, Freedom House, Global Voices and Internews.

The London-based Centre for Investigative Journalism has an 80-page handbook, Information Security for Journalists, that is full of tips and techniques.

Main image CC-licensed by Flickr via Kevan.