It’s the digital security training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone shared this newsletter with you, please subscribe here.
ICE reboots commercial spyware contract
In 2023, President Joe Biden issued an executive order limiting government use of commercial spyware with “significant counterintelligence or security risks to the United States government or significant risks of improper use by a foreign government or foreign person.” Subsequently, the Biden administration issued a stop-work order on a $2 million contract between Immigration and Customs Enforcement and spyware vendor Paragon. However, it now appears ICE is reinstating this contract. From an Aug. 30 update in a U.S. government database, ICE has sought to lift the stop-work order. In other words, ICE may soon receive access and training on the use of targeted spyware.
Such tools have been used against journalists as well. In January, WhatsApp linked Paragon to a hacking campaign that allegedly targeted roughly 90 users, including reporters.
Shout out to independent journalist Jack Poulson for being the first to report on this story in his All-Source Intelligence newsletter. Read more.
What you can do
- Stay on top of updates. Similar spyware campaigns have targeted journalists, and we expect this trend will persist. Highly targeted tools risk exposure to security researchers and are therefore used sparingly by governments around the world that want to preserve their capabilities. What this means for most people is that these attacks are extremely rare, and you’re far more likely to experience simpler forms of malware. Those can be mitigated by downloading your updates as soon as possible. Check out our Senior Digital Security Trainer David Huerta’s post on why software updates are so important.
- Apple users, try Lockdown Mode. We’ve been seeing early signs that Apple’s Lockdown Mode has blocked targeted malware. If you feel you are at elevated risk, enable this setting to harden your security on macOS, iPhones, and even iPads. This will change the functionality of your devices somewhat, and may block certain text messages and graphics on websites, so it’s not seamless. It has seams. But for me, it feels very close to normal functionality on an iPhone and is a worthy trade. Try it out and see how it works for you. Learn more here.
- Android users, try Advanced Protection. This is essentially Google’s answer to Lockdown Mode. You’ll need Android 16 to enable this feature, so as always, pull down your software updates. Learn more about getting started from our friends at the Electronic Frontier Foundation.
- Look for the helpers. If you suspect your device has been infected, contact Access Now’s 24/7 Digital Security Helpline for assistance from security researchers who can help investigate these attacks.
Updates from our team
- In case you missed it, in our latest “Ask a security trainer” column, we break down how mobile phones can expose a user’s location. We then help journalists consider when this type of tracking is and isn’t a real cause for concern. Check it out.
Our team is always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.
Best,
Martin
–
Martin Shelton
Deputy Director of Digital Security
Freedom of the Press Foundation
