Nahla Davies is a freelance tech writer, software developer and lead programmer, with clients including Samsung, Time Warner, Netflix, and Sony.
As newsrooms have shifted to remote working scenarios to cope with social distancing measures, we need to think more carefully about new cybersecurity threats and opportunities for hackers. But these threats to journalists are also reflective of the current international political volatilities and economically competitive global landscape.
Perhaps this is why so many politicians who understand next to nothing about cybersecurity are so eager to mandate online activity. Troublingly, much of the recent cyberattacks seem to be spearheaded by government entities (known as "nation-state attacks"). The goal of these attacks vary but are usually centred on stealing trade secrets, manipulating global elections and stock markets, or achieving a financial windfall through ransomware.
Government-backed hackers are increasingly targeting journalists, who may use social engineering to build rapport online with journalists, only to guide them to click a malicious link. A favourite target for these cybercriminals are foreign policy experts and those with ties to policymakers.
New journalists are also especially vulnerable to hacks. As if starting a career in journalism during the pandemic is not challenging enough, there are real threats when working from home. The good news is that rookie journalists can still harness all their beginner’s energy and gusto to take measures to stay safe.
It goes without saying that all journalists must take cybersecurity seriously. Whether a reporter is working from home or in a country where freedom of speech is non-existent, journalists must be vigilant to protect themselves and protect sources from cyberattacks. Protecting your identity, your online accounts, your channels of communication and your beat is not just best practice: it is absolutely crucial to the industry's integrity.
Many news outlets have come up with more stringent cybersecurity measures - like using artificial intelligence to monitor for virtual abnormalities associated with security breaches. They should also have cybersecurity policies which ought to be used by reporters if ever in doubt. But basic human behaviour remains the number one cybersecurity risk out there.
With that in mind, here are six simple remedies which journalists can use today to keep themselves and their sources safe online.
Use your work computer just for work
Tempted with a little online shopping? Make sure that you only order from secure websites with SSL (Standard Socket Layer) certificates, and never do online shopping on work computers. Personal financial statistics show that people are shopping online more than ever before, but not necessarily being intelligent about their finances.
Placing an order online can be done in as little as 30 seconds, but as a result, you have now entered your credit card or bank information and presumably your full address and legal name. Remember that as a journalist, you are far more likely to be targeted by a government-sponsored cyberattack.
Use a Virtual Private Network (VPN)
Consistent use of a VPN can protect you from hackers. VPNs encrypt your online activity, making it much more difficult for hackers to gather information from your laptop or PC. Journalists are especially exposed when doing work via hotel WiFi - or any public WiFi for that matter.
This is yet another reason to install a quality VPN on your internet browser. Many VPNs are free or extremely affordable, so do not overlook this simple step when it comes to protecting yourself and the news outlet you work for.
Use a password manager
Remember when we said that humans are the number one risk factor when it comes to cybersecurity? Easy-to-guess passwords or passwords that are auto-saved and/or written down are one of the top ways to get your password stolen by hackers.
We are all familiar with the ridiculously complex 'suggested passwords' our computers provide to us, but few of us actually opt for them because they are so hard to remember. Consider using a password manager that will store all of your complex passwords for you securely - again, there are many free and affordable options out there.
Back-up all your data on a cloud-based server
There are many scenarios in which you would want to ensure that your information is backed-up, preferably on a cloud-based server.
It is not just useful to duplicate your work files and allow you to work from anywhere. If you are working in a country with considerable press restrictions, having a back-up will protect your work and your source of information. If your device gets stolen or wiped clean by authorities, you know it is stored safely in the cloud.
Use caution with the devices you use for communication
It might be a bad decision to use IoT (internet of things) devices, i.e. everyday household items (like Alexa) that are enhanced by WiFi connection.
Unfortunately, these nifty and convenient gadgets are also gateways for hackers. Sure, it is wonderful when Facebook just seems to know what brand of shoes you and your friend were discussing on the phone lately. But it is much less wonderful when a third party is listening in on your exclusive interview, be that the government, a hacker or potentially a competing news outlet.
Run updates - for your smartphone, computer, and antivirus provider
We are all very reliant on the software we use, and we trust that it will be safe for us. Statistics for SaaS (software as a service) companies show that as more companies adopt SaaS apps, the market is expected to grow to a value of $76 billion by the end of 2020. What is more, subscription-based tech, such as antivirus software, is in demand.
Yes, software updates can be a pain because many times it asks you to completely restart your computer. That can be a hassle, especially when you are in the thick of your hot story.
However, it is not just for increased functionality and cool new emojis that you have to update your software every once in a while. Cybersecurity experts working on your computer or smartphone’s antivirus programs are constantly on alert for new malware, ransomware, and other cybersecurity threats.
Once a new and serious threat is recognised, software developers work hard to install an update that will block would-be cybercriminals from getting access. By ignoring these updates, you are opening yourself up to a world of pain and also not taking advantage of a cost-free benefit being provided to you.
2020 has been a whirlwind of a year. And it is not even over yet. Aside from the international political turmoil, a global pandemic, worries of economic collapse, and shifting world power bases, journalists have an increase in cybercrime to worry about.
The good news is that a few small steps can leave you and your sources more protected, meaning you can go out and tackle the big stories without having to worry about what is happening in your pocket.
Free daily newsletter
- Four ways journalists can protect sources using the “deep web”
- Seven tried-and-tested steps to growing your digital subscription model
- Catherine Gicheru, ICFJ Knight fellow, on supporting African women journalists affected by the pandemic
- How do you manage a breaking news team from home?
- No newsroom, no problem: tips and tricks for working through lockdown