Simple steps to protect journalists and sources from eavesdroppers
Journalists are among those most likely to face technical attempts at attack and interception. Reporting is based on discussions with sources who may want to remain out of the limelight, and news sites attract extensive readership, making them a desirable target for potential attackers. But there are simple steps to protect against the most common form of eavesdropping, and journalists should be aware of the types of technical adversaries they may face.
Several countries use sophisticated network interception and attack appliances to monitor, filter, and attack the entire country’s Internet connection. Such tools are available for anywhere from $15.5 million to $380,000, a price point described as“dictator pocket change” by Morgan Marquis-Boire, a security researcher who specializes in these sorts of tools at The Citizen Lab, the technology and human rights research institute.
Before we get into the details of the risks journalists and news organizations face, and how they can protect themselves, let’s get some terminology straight. When technologists talk about spies and snoops reading messages we often break those potential interlopers into passive listeners, active “man-in-the-middle” (MiM) interceptors, and advanced persistent threats (APTs).
photos via Spiegel Online and Freedom of the Press Foundation.