Last updated

This short module opens with a short introduction to malware with a video, followed by slides with a few examples of malware targeting journalists, and finally, opening up to a discussion of how students understand the likelihood of this happening in their work, and what they should do in response.


Threat modeling

Estimated time

25-30 minutes


  • Upon successful completion of this lesson, students will be able to identify common functions and techniques for distributing malware.
  • Students will be able to construct a risk minimization strategy.

Why this matters

Some of the most commonly used files that journalists open every day (e.g., .pdf, .docx files) are also some of the most common vectors for introducing malware into systems. Because journalists are among the most common targets of malware in the world, it's important to understand what malware is capable of, and common ways may be introduced into a system. In addition, by seeing how the success of most malware depends on unpatched software, students can see in concrete terms why security updates should be viewed as an asset, rather than a burden.


(Before class)

Sample slides

Malware (Google Slides)


Watch this short video introducing malicious software: "Malware - Security Awareness Video"

Questions for discussion

  • When was the last time you clicked a link from a text message?
  • How realistic do you think a Pegasus-like attack is against you? How about your colleagues?
  • Remember: Jamal Khashoggi's phone was not the one Citizen Lab found was hit with Pegasus malware, but instead, his associate's phone. How might the individuals who you work with influence your likelihood of receiving malware?

    Note: Our hope is to get students to think about the specific circumstances; the real answer is it depends on your threat model as individuals and as a group.

Donate to support press freedom

Your support is more important than ever.