Targeted Malware and Other Attacks

Things to consider

• Malicious software, or ‘malware’, is any software that can cause damage to your digitally stored data, or give third parties access to it.
• HRDs, politicians, journalists, and the diplomatic community must be aware of the threat of malicious software designed specifically for espionage on them.
• This targeted malware typically allows re- mote control access to all files on the device, as well as the ability to record all keyboard uses or switch on the camera and microphone, without alerting the user to what is happening.
• This kind of infection with malware happens in several ways, including links or attachments sent via messaging services or email which download the software to their devices once clicked or opened. Wi-fi access points and business centres in hotels frequented by ‘targets’ are sometimes used to infect them with malware.
• Another targeted attack commonly used against civil society is known as ‘phishing’. Phishing means using cleverly designed emails or false websites to trick users into clicking on a particular link, downloading a programme, or giving their login or other details to an attacker.

Protection tactics

• Installing an anti-malware programme on all devices is a vital basic practice. Remember to keep software updated.
• Use link expanders to see the real addresses of suspicious, shortened URLs.
• Make regular backups, ideally daily, or at least weekly. This greatly reduces the impact of data loss, which can also be caused by malware, or ransomware. Make sure that any encrypted data is also backed up in encrypted form.
• Use communication applications which allow for verification of device ‘fingerprints’ – and verify the ‘fingerprints’ of your contacts’ devices.
• Do not connect to public wi-fi offered in hotels, conference venues, or other places frequented by civil society, journalists, dissidents, or opposition politicians.
• When you are subjected to a targeted malware attack or suspect you have been, contact your local IT support as soon as possible and raise the issue as appropriate within the office.

Software:

• Link Expander can be used to expand any shortened links you receive
• MalwareBytes is an anti-malware software which can function alongside your regular anti-virus for additional protection
• VirusTotal is a website which enables you to scan suspicious files and links through a large database of antivirus softwares for a more detailed view of their security

Further Resources:

• Privacy International
• Citizen Lab
• Digital First Aid Kit: My device is acting suspiciously
• Digital First Aid Kit: I have received suspicious messages.

Download the card as a pdf