The Digital Security Digest, by Freedom of the Press Foundation (FPF), is a weekly newsletter with security tips that keep you, your sources, and your devices safe. If someone shared this newsletter with you, please subscribe here.
Head of commercial spyware firm found guilty
Greek journalist Thanasis Koukakis, a financial editor for CNN Greece, discovered in 2022 that his phone was infected by Predator spyware — a monitoring tool developed by Cytrox, one vendor under the banner of the mercenary surveillance company Intellexa. This spyware allowed attackers to remotely access his mobile phone and with it, his apps, including photos, messages, and calls. “Traces of Predator were later found in dozens of phones,” including devices belonging to politicians, ministers, intelligence service employees, and businessmen, according to Reuters. Last week, a court in Athens, Greece, judged Intellexa co-founder Tal Dilian and three others guilty of “breaching personal data.”
What you can do
Because mercenary spyware vendors don’t want their exploits to be caught by security researchers, they tend to reserve these tools for highly targeted individuals, including journalists. Most people shouldn’t worry about these specific kinds of exploits, but journalists are special, and a few extra steps can substantially lower your risk.
- Download those security updates. I know it’s annoying. But most of the malware risks journalists face are not the most sophisticated and can be mitigated by simply keeping your device up to date. It’s the most boring thing, like eating vegetables or brushing your teeth, but it really is the most effective and easiest thing you can do. Read our post on why software updates are so important.
- Try Lockdown Mode and Advanced Protection. If you are an Apple user (whether on an iPhone, iPad, or macOS), you can make your device much harder to exploit by enabling Lockdown Mode, which will disable some features on your device, such as the ability to receive certain types of message attachments. Android now supports a similar feature called Advanced Protection. This will change the functionality of your device somewhat — for example, Lockdown Mode has occasionally prevented someone from messaging me. But on balance, I do think this is a reasonable trade-off for some added assurance. We’ve already seen examples of Lockdown Mode preventing remote attackers, and blocking someone with physical access from exploiting an iPhone. Try Apple’s Lockdown Mode or Android’s Advanced Protection for yourself and see if you like it.
- Ask for assistance. Journalists and others working in civil society groups can also request help from researchers with experience investigating these attacks through Access Now’s 24/7 digital security helpline.
Updates from our team
- Between Microsoft’s moves to discontinue support for Windows 10 security updates and ram through controversial artificial intelligence features in Windows 11, you may be interested in alternatives. Good news: Our most recent advice column examines some options for different versions of Linux you can install for the low, low price of zero dollars.
- FPF is hosting a panel examining the emergent trend of government officials labeling routine accountability reporting as “doxxing” — a term traditionally used to refer to the release of private, personal information. Join us on Wednesday, March 4, at 2 p.m. EST/11 a.m. PST, for the live webinar, “Journalism is not ‘doxxing’: The push to redefine reporting as harassment.”
Our team is always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.
Best,
Martin
–
Martin Shelton
Deputy Director of Digital Security
Freedom of the Press Foundation
