Advice column: How can I tell my device isn’t infected with malware or spyware?

Welcome to “Ask a security trainer,” the column where the Digital Security Training team at Freedom of the Press Foundation (FPF) answers your burning questions at the intersection of journalism and security. Submit yours here! Let’s jump right into this week’s question.

Dear DST,

There’s been a lot of talk around my newsroom about malware and all the harms it can cause. I recently traveled for work and now I’m worried that my computer is infected with malware that can log my keystrokes or otherwise steal my data. How can I know for sure whether my computer is safe?

Thank you for your time and expertise,

Safety First

Dear Safety First,

Due to several high-profile cases of journalists’ phones being infected with malware, this concern is top of mind for many — and rightly so! There are lots of types of malware out there, some of which are highly targeted to specific individuals and some of which are much more widespread. Those high-profile cases often make the news, and can unfortunately serve as a distraction for the much more common ways in which we are vulnerable to malicious software.

And here’s the thing: It can be difficult (if not impossible) to prove that your computer is completely free from malware. Many of the indicators of potential malware — quickly draining batteries, lagginess, and unexpected crashing — could have other root causes. Very few people in the world have the training, time, and resources to do a forensic analysis on a computer or phone in order to determine whether or not those symptoms are a result of a malware infection. Therefore, it’s important to instead think about effective preventive measures:

• Keep your computer and your phone up to date. Updates often contain patches for known vulnerabilities. Don’t put them off.
• Be aware of phishing attempts, which often trick people into unwittingly installing malicious software. Either ignore those messages or, if you are unsure, analyze the link before you click it by copying it into a new tab in your browser.
• Get your software from app stores instead of questionable sources and vet open source software before installing it.
• Never insert a USB drive of unknown origin into your computer. If, for investigative reasons, you must, try these other methods of opening that drive instead.
• Read this advice column on whether to use antivirus software, and which ones may be best suited for you.

For the vast majority of people, following these steps will prevent malicious software from taking root. Journalists, though, have a higher profile than most. If, based on your risk assessment, you are a likely target for sophisticated spyware, take your security to the next level:

• For Apple devices, enable Lockdown Mode if you are in need of extreme protection. (Note: a similar setting does not presently exist for Android phones)
• If you suspect your device is already infected, Access Now’s Digital Security Helpline and Amnesty International’s Security Lab can provide assistance.

You may notice that I did not include a bullet point advising you to avoid downloading file attachments, full stop. For journalists, it’s not always preferable or even possible to simply ignore attachments. In these cases, it’s safer to avoid downloading any mysterious attachments directly. Instead, you can rely on services that will render your files online, instead of downloading and opening them. For example, you may have noticed that Gmail and Google Drive already provide this by opening attachments in the browser before letting you download them to your system.

You can take this a step further by viewing the unfamiliar attachment on a separate, safer computer that can be easily factory reset, like a Chromebook, which will help remove unwanted software on the device. Likewise, there are “disposable” operating systems that are safer for opening risky files, such as Tails, which stands for The Amnesic Incognito Live System. You can boot Tails from a USB device plugged into your computer, and remove the USB when you’re ready to shut it down, wiping all data on the operating system. Tails is fun but does come with a bit of a learning curve. If you’re interested in exploring further, we’re here to help.

Thank you for writing with this excellent question.

With best wishes,

Davis Erin Anderson