From 37068aa587f808d95fcae3c51c3fee787b1f63e3 Mon Sep 17 00:00:00 2001 From: Kevin Pham <123699355+kpham42@users.noreply.github.com> Date: Fri, 25 Apr 2025 15:24:20 -0400 Subject: [PATCH] Update targeted-attacks.md Signed-off-by: Kevin Pham <123699355+kpham42@users.noreply.github.com> --- docs/getting-started/targeted-attacks.md | 39 ++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/docs/getting-started/targeted-attacks.md b/docs/getting-started/targeted-attacks.md index 62dbabba..513df856 100644 --- a/docs/getting-started/targeted-attacks.md +++ b/docs/getting-started/targeted-attacks.md 
@@ -2,3 +2,42 @@ title: Targeted Attacks icon: material/target-account --- +title: Avoiding Targeted Surveillance +icon: material/domain +--- + +While mass surveillance collects vast amounts of data from the general population, [targeted attacks](https://www.amnesty.org/en/latest/campaigns/2020/10/stopspying/) are different. it focuses specifically on individuals or groups deemed "persons of interest" by governments, corporations, or malicious actors. This kind of surveillance can be far more invasive and precise; however, it is also less likely to occur for most people. + +# How Do Targeted Attacks Work? + +Targeted attacks uses several techniques to infiltrate a person's digital and physical life. It often involves direct attacks on devices, network interception, and even human intelligence. + +[Device Exploitation](https://www.kaspersky.com/resource-center/definitions/what-is-zero-click-malware) is one of the most common methods. Attackers might use malware, spyware, or vulnerabilities in your phone, computer, or IoT devices to gain persistent access. Tools like [Pegasus](https://www.theverge.com/2021/7/18/22582532/pegasus-nso-spyware-target-phones-journalists-activists-investigation) have shown how even encrypted apps can be compromised once the device itself is under control. + +[Network surveillance](https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/) targets the transmission of your data. By attacking the infrastructure between you and your services, adversaries can conduct man-in-the-middle attacks, monitor unencrypted traffic, or inject malicious payloads. + +[Social engineering](https://www.crowdstrike.com/en-us/cybersecurity-101/social-engineering/) remains one of the most effective ways to target a device. Phishing emails, malicious attachments, impersonation, and psychological manipulation are used to trick targets into handing over sensitive information or installing malware themselves. + +# Who Is At Risk? 
+ +Targeted attacks can be devastating. It can expose sensitive conversations, reveal confidential information, endanger lives, and destroy trust. Whether you are a journalist communicating with sources, a whistleblower exposing corruption, or simply someone advocating for civil rights, protecting yourself against targeted attacks is essential to maintaining your freedom and safety. + +Victims often suffer from feelings of helplessness and anxiety. Recognizing your risk before a targeted attack and preparing accordingly is crucial for this threat model. + +# Best Practices + +## 1. Harden Your Devices + +Ensure that your devices are secure: Keep your operating systems and apps up to date with the latest security patches. Ideally, you should purchase the latest [mobile devices](https://www.privacyguides.org/en/mobile-phones/) that are known for security, such as Pixel phones with GrapheneOS or iPhones with lockdown mode enabled. Install only trusted apps and limit permissions as much as possible. + +As for your desktop and laptop computers, full-disk encryption should be enabled everywhere. For sensitive tasks, you should consider installing [Linux](https://www.privacyguides.org/en/desktop/). An amnesiac distribution like [Tails OS](https://www.privacyguides.org/en/desktop/#tails), or a security-focused distribution like [Qubes OS](https://www.privacyguides.org/en/desktop/#qubes-os) works well in this threat model. This step reduces the severity of a potential malware infection. + +## 2. Encrypt Everything + +Communicate using [end-to-end encrypted services](https://www.privacyguides.org/en/real-time-communication/) whenever possible. For messaging, rely on tools like [Signal](https://www.privacyguides.org/en/real-time-communication/#signal) or [SimpleX Chat](https://www.privacyguides.org/en/real-time-communication/#simplex-chat). 
For [emails](https://www.privacyguides.org/en/email/), prefer PGP-encrypted communications or use privacy-focused providers like [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) and [Tuta](https://www.privacyguides.org/en/email/#tuta). Use encrypted software such as [Cryptomator](https://www.privacyguides.org/en/encryption/#cryptomator-cloud) or [VeraCrypt](https://www.privacyguides.org/en/encryption/#veracrypt-disk) for sensitive files, and always [verify the identities](https://www.privacyguides.org/articles/2022/07/07/signal-configuration-and-hardening/?h=contact#signal-pin) of your contacts before sending anything. + +## 3. Be Skeptical and Vigilant + +Be suspicious of unexpected messages, links, and attachments that can be used to deploy zero-click attacks. Use [multi-factor authentication](https://www.privacyguides.org/en/multi-factor-authentication/) (preferably hardware tokens like [YubiKey](https://www.privacyguides.org/en/security-keys/)) to secure accounts. Regularly audit your [digital footprint](https://www.privacyguides.org/en/basics/account-deletion/): check what information about you is public, remove unnecessary exposure, and practice good operational security (OpSec) principles like minimizing what you share online. + +This approach also applies to your family members and colleagues. Often, a threat actor will also target the [associates of their victims](https://www.pbs.org/wgbh/frontline/article/pegasus-spyware-jamal-khashoggi-wife-phone-washington-post/) even if the intended target practices good OpSec. If you believe that this could happen to you, communicate this possibility to potential victims and [educate them](https://www.privacyguides.org/en/basics/why-privacy-matters/) on mitigation steps.
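Review bot: The added `title: Avoiding Targeted Surveillance`, `icon: material/domain` and `---` lines at the top of the hunk are appended after the context lines `title: Targeted Attacks`, `icon: material/target-account` and `---`, which appear to close the existing front matter. They will therefore not be parsed as metadata and will render in the page body, where a text line followed by `---` turns into a setext heading. If the intent is to rename the page and change its icon, edit the two existing front-matter lines in place instead of adding a second block. Further points in the same hunk: the sections "How Do Targeted Attacks Work?", "Who Is At Risk?" and "Best Practices" use a single `#`, which puts them at the same level as the page title if the site renders the front-matter title as the top heading; `##` for these and `###` for the numbered steps would keep the outline consistent. In "3. Be Skeptical and Vigilant", the phrase "links, and attachments that can be used to deploy zero-click attacks" conflicts with the zero-click definition linked under Device Exploitation, since a zero-click attack needs no interaction from the target; wording such as "that can be used to deliver malware" would be accurate, and it is worth stating separately that zero-click exploits are the reason for the device hardening in step 1. The "verify the identities" link points at the `#signal-pin` anchor and carries a `?h=contact` search parameter, which looks like a pasted search-result URL rather than the intended section. Subject and verb disagree in "are different. it focuses", "Targeted attacks uses" and "Targeted attacks can be devastating. It can expose"; use "they focus", "use" and "They can expose".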