Digital Threat Landscape
Digital Threat Landscape
Across the world, the digital threat landscape is expanding and becoming more complex.
Online security threats have grown and evolved. Software vulnerabilities and traditional threats have found new ways to cause harm, including via social media and mobile devices.
The capacity to collect, analyze and store digital communications is becoming more sophisticated and inexpensive and the market for offensive computer network intrusion capabilities continues to grow at a rapid pace.
For years, global civil society groups have viewed the Internet and other new media as a powerful tool for their causes, but recently they have discovered how new media can be controlled to limit access to information and freedom of speech.
According to security consultant Ronald Deibert, cyberspace is becoming a dangerously weaponized and insecure environment where independent media can be trapped, harassed and exploited as much as they can be empowered.
Government or private individuals can attempt to influence the flow or content of information by denying, disrupting, manipulating, or monitoring access to a range of electronic data.
The control of information is also influenced by the types of communications infrastructure that countries have.
Methods of exploits and attacks are influenced by a variety of factors including the economic, social, and political context where the information controls are applied.
Denial of Service
A DoS attack is when one computer and one Internet connection is used to flood a server with packets with the intention to overwhelm the site and make it inaccessible to others.
Another type of DoS attack is a distributed denial of service attack (DDoS), which utilizes a number of computers and connections, often distributed around the world to attack a computer. Similar to a DoS attack, a DDoS attack overloads websites, rendering them inaccessible.
DDoS attacks in general are on the rise around the world.
Journalists and news organizations can be targeted for surveillance through phishing campaigns. These targeted phishing campaigns often use links or attachments laden with malware that are sent via email or social media.
Although malware differs in its capabilities, one of the most malevolent forms of malware that has been known to affect journalists’ work is a Remote Access Trojan (RAT). The more sophisticated a RAT is, the more likely it is to avoid detection by anti-virus software.
If clicked on or downloaded, these RATs allow the attacker to gather any information they want on the compromised computer.
Technology can also be used to infect computers worldwide with malware
viruses allowing external entities to break into specific computer networks. Tools and viruses that allow access for monitoring and surveillance include intrusion software and trojans, which operate as attack vectors.
‘Attack vectors are like the lock-picks or copied keys to get into a building,’ says Seamus Tuohy, associate technologist at the Open Technology Institute.
Surveillance technologies developed by commercial entities have been found on networks in many countries and reportedly have been used to target individual journalists and activists.
This is the monitoring, interception, collection, preservation and retention of information that has been generated, stored and relayed over communications networks. Surveillance technologies are diverse and can include location tracking, deep packet inspection, facial recognition and mass monitoring. Interception methods for email and phone communications also exist.
Although surveillance has many legitimate uses, when it is collected en masse, without credible oversight by an independent monitoring body, it can be an affront to human rights – including freedom of expression, the right to privacy and threaten democracy.
The use of encryption and other technologies may also actually flag the journalist or
source, as a person of interest who has something to hide. Interest in online privacy and encryption has been reported to trigger tracking and monitoring.
Digital Threat Landscape
To help protect the content of communications, journalists and their sources need to consider using encryption technologies.
However, even encryption of content is not fool proof for protecting sources. Much can be gleaned from the metadata of exchanges.
Some journalists assume their communications are under surveillance even if they cannot prove it. Yet, this belief does not necessary correlate with an understanding that their insecure digital communication practices might have facilitated the surveillance.
In some countries, encrypted communication channels such as Virtual Private Networks (VPNs) are considered illegal, even if not always strictly enforced. Such communication can be stored and possibly decrypted when and if there is significant enough interest to access the information that the encrypted message is believed to contain.
Intimidation and Harassment
Digital threats are a serious concern because they may be a precursor to physical attacks against journalists. Also sometimes journalists are intimidated into giving up their digital account information.
Intimidation, harassment and arrests of journalists are not new phenomena.
However, journalists and others who contribute to journalism are now experiencing threats on multiple platforms. Press protection organizations worldwide have acknowledged the
Data mining has consequences long after the immediate act of interception or seizure of information, including:
• An intimidation effect on sources and journalists who are affected
• The invasion of journalists’ and their sources’ right to privacy
• Possible detention, arrest, prosecution, and imprisonment
Data storage is becoming cheaper and more efficient, allowing data – including content of emails, texts and other communications – to be collected and stored for longer periods of time.
This facilitates the process of data mining, understood as the practice of searching through large amounts of computerized data to find useful patterns or trends.
For example, it can be used to pinpoint journalists’ probable sources. There is a significant market for analyzing big data, with many companies who service consumer markets like Facebook, also servicing intelligence and law agencies.
Confiscation of journalistic information is not a new tactic when seeking to intimidate or harass journalists.
However, in an increasingly digital environment where journalists store vast amounts of information on portable devices such as laptops and mobile phones, journalists’ confidential sources and information are at risk.
These devices contain rich information and data that can reveal sources’ names and contact information and put people in danger.
Disinformation against journalists is not new, but online smear campaigns are particularly troublesome for journalists because they may have a long life online and can spread far and rapidly.
Smear campaigns involve many different intimidation tactics that are often both online and offline. Such tactics include setting up fake websites where disinformation can live online, or intimidating a journalist with compromising photos or videos and then spreading them online.
At other times, attackers choose to clone a website to confuse readers and threaten the credibility and legitimacy of a news organization.
Intimidation and Harassment
The online world often reflects, and may amplify, the realities and hierarchies that exist offline.
Online abuse against women is a growing phenomenon, in forms ranging from sexual harassment to rape threats and gender-based hate speech.
Between 2000 and 2012, the majority of harassment incidents collected by the US based organization, Working to Halt Online Abuse, were against women.
Cyberstalking is when someone uses electronic communications to track and repeatedly harass an individual or group, whether online or through digital means.
Debate still exists over whether cyberstalking is another tool for individuals who engage in traditional stalking, or whether it should exist as a separate concept with separate motives. However defined, cyberstalking, like other forms of abuse, affects mainly women.
Threats of violence against journalists’ families, seem to be more prevalent toward female media professionals and are reportedly extremely effective in silencing them.
For example, a prominent television news anchor in Latin America who has worked for nearly 20 years investigating human trafficking, arms trafficking and extrajudicial killings has faced repeated threats and harassment over several years. It was not until she received intimidating phone calls that threatened her young son, however, that she felt forced to take leave of absence from anchoring her investigative morning news programme.
Female journalists often receive online comments that focus on physical appearance rather than professional accomplishment. One journalist noted that her husband, also a well-known journalist, receives vicious attacks on Twitter for his views, but that the comments are not sexually violent like they are against her.
According to Suzanne Franks, a professor of journalism at City University in London ‘When someone disagrees with a man’s article they go for the ideas which are in that article – with women they go for her looks, fashion and it turns very personal.’
Online sexual harassment has not been well defined, making it difficult to recognize and respond to cases.
‘The refusal to recognize harms uniquely influencing women has an important social meaning – it conveys the message that abusive behavior toward women is acceptable and should be tolerated’, says Danielle Keats Citron, a professor at the University of Maryland School of Law.
Perpetrators are often viewed as ‘juvenile pranksters’ and victims are seen as ‘overly sensitive complainers’.
Cyberstalking is a function of many factors. First, it is relatively easy to collect details about a person online.
Second, an attacker is able to track his or her victim fairly easily if they do not implement digital security practices.
Third, an attacker can disseminate information through online means.
Fourth, the distance provided by online communication means, there are no immediate consequences.
An award-winning television journalist in the US was sent abusive emails by a stalker whom she suspects hacked her private and work email accounts. In the emails, the stalker describes items in her home and family member names.
Despite help from law enforcement and technology experts, she still felt compelled to change her locks, install new security systems in her home, and eventually move cities.
After five years of sustained harassment, she quit her job, hoping that would stop the harassment, but the cyberstalking continued.
The disinhibition effect which means that the perceived consequences of an individual’s actions, such as verbally abusing a target or revealing intimate details, are dramatically lessened when the perpetrator does not have the normal boundaries of saying something to their victim’s face and seeing their reaction.
The disinhibition effect and the ability to remain at least partially anonymous and potentially unaccountable also may influence the degree to which an attacker stalks their victim, or their persistence in doing so.
Digital Threat Landscape
Elaborating these norms globally, entails decisions and positions by governmental bodies that have a legitimate base for this. Promoting awareness is necessary if these positions are to become living norms against which behavior can be measured.
Awareness raising is a way to sensitize all individuals and organizations about digital safety for journalism, and not promote the social norm that such communication should especially enjoy security and protection.
Safety assistance programs for the physical protection of journalists have existed for several years from organizations including CPJ, Reporters Without Borders, and the International News Safety Institute. These safety assistance programs are valuable and often provide legal, medical, and relocation assistance to journalists and their families.
Many of these organizations, including the International Committee of the Red Cross, provide hotlines for journalists to call when they experience trouble and need help or other resources.
Digital Security Training
A variety of individuals and organizations have responded to the need for greater digital security knowledge by developing specific training courses about digital security.
Digital security training activities for journalists and others doing journalism are hosted by a variety of organizations, including academic institutions, organizations working at the international level and local organizations.
Their are a variety of courses available which can include, how to assess digital risks, how to avoid malware, keeping data safe, researching securely and email and mobile phone safety.
Campaigns and Initiatives
Media coverage has documented campaigns launched on social media platforms. In 2011, a writer started a Twitter hashtag, MenCallMeThings, to document harassment and threats.
Another journalist created the silentnomore campaign, which encourages women to speak out about their experiences and confront pervasive and malicious comments.
These campaigns are valuable because they seek to change the existing norm of what is acceptable and they strive to shift the onus from the abused to the abusers.
One example is the collaborative campaign ‘Take Back the Tech’ which began in January 2009 and aims to reclaim information and communications technologies to end violence against women.
The campaign brings significant resources to developing countries for documenting violations of women’s rights online, provides capacity building for activists and survivors in the creative and safe use of technology, and advocates for policies to strengthen protection of rights online.
Take Back the Tech’s article, CyberStalking and How to Prevent It is a good resource on ways to prevent cyberstalking.
Tack Back the Tech also has a mapping project that documents harassment, stalking, threats and abuse.
Another initiative focused on raising awareness of sexual harassment is Harassmap, which collects online reports of sexual harassment and assault and maps them on. It uses the information and analysis from this research to create campaigns that address sexual harassment and assault.
Digital Threat Landscape
Social Media Responsibility
Social media websites and blogs are constructed in such a way to encourage freedom of expression.
As such, they carry an inherent risk for misuse by individuals seeking to harass and/or cyberstalk.
opportunities for redress if users are harassed and victimized.
Although corporations have a role to play in mitigating abuse on their user platforms, it is important that journalists and others increase their digital literacy to understand how much data and personal information they are sharing on social networks and blogging websites to begin with.
A study has shown that individuals in general still perceive that the benefits of online social networking outweigh the risks of disclosing personal information.
People may say they are familiar with privacy settings, but they still engage in behavior, such as accepting people as friends whom they do not know, that puts their privacy at risk.