State Actors Are Increasingly Targeting Journalists With Surveillance Malware

from the more-bad-news-on-the-press-freedom-front dept

Columbia Journalism Review is reporting it has witnessed more malware attacks targeting journalists. An article by Financial Times cyber security head Ahana Datta details attempts to compromise a Middle East correspondent’s phone via WhatsApp.

The correspondent, who I will not name for reasons that will soon become clear, mentioned that in recent weeks they had been receiving mysterious WhatsApp calls. The numbers were unrecognized. Afterward, their phone battery had drained quickly. And they were sometimes unable to end other calls, because the screen seemed to freeze.

They had been working on an investigation into surveillance on journalists and human rights activists in a particular Middle Eastern nation, and had been in contact with sources the government was hostile to. We decided the reporter was safer with a separate device for this story.

This unnamed reporter wasn’t the only one targeted. Datta asked other journalists if they’d experienced similar issues. Four reporters also had noticed unusual performance issues and reported they had received fake SMS authentication codes for secure messaging apps — codes that were sent unprompted. A few had been duped into downloading unknown software. Others reported their phones behaving strangely after their devices had been in the hands of others, like personnel at border checkpoints.

Touring other Financial Times branches, Datta found more of the same, even if the deployment methods varied a bit.

In parts of Eastern Europe, the flavor seems to be plausible deniability: threats commonly manifest in the form of creative phishing attacks, such as imposters trying to connect on LinkedIn or impersonating emails from known contacts.


In Asia, journalists are more often targeted by people on the ground. State agents often inexplicably show up where correspondents and their sources are scheduled to meet. Some countries have a centralized database of residents’ IDs, including facial recognition, so the federal police and regional police are largely in sync. In some areas, messaging apps can be disabled based on where you’re located.

In one Asian office, state officials called to question wording in articles that had yet to be published, indicating journalists’ devices had been compromised by state actors.

Unfortunately, this isn’t news in the normal sense of the word. It’s mainly just the continuation of distressing developments around the world. Governments are increasingly targeting journalists, especially those they might want to deter from publishing unflattering reports about government activities. Equally as unfortunate is these tools are being sold to them by a number of companies that insist they’re in the national security/law enforcement business but are more than willing to sell malware to countries known for their stifling of dissent, targeting of journalists, and long histories of human rights violations.

Israeli tech company NSO Group is one of the worst offenders. It has sold malware and spyware to blacklisted countries and seems unconcerned that it’s providing nearby enemies with the tools to target the residents of its home country.

Making matters worse are law enforcement agencies in countries where human rights are considered to be respected. Many have already expressed their displeasure that Facebook is adding end-to-end encryption to Messenger. But they’re also upset Facebook is warning WhatsApp users when it detects abnormal activity that could indicate they’ve been targeted by state actors or malicious hackers. These agencies would apparently rather see journalists and activists harmed than watch a single suspected criminal avoid being compromised by law enforcement-deployed malware.

So, what can journalists do to protect themselves? Datta suggests the same things that have worked for years. Use encrypted communications methods. Turn on two-factor authentication. Encrypt devices and their content. Toss devices in a Faraday bag if traveling in high-risk locations.

Most importantly, though, is that journalists never give up. If a state-sponsored hacker wants to compromise a device, there’s a good chance it will eventually be compromised. But that’s no reason for journalists to sit back and allow it to happen. Why make it easy on them? Be a frustrating target — one that makes it as difficult as possible for those seeking to do harm to journalists and their sources.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “State Actors Are Increasingly Targeting Journalists With Surveillance Malware”

Subscribe: RSS Leave a comment
This comment has been deemed insightful by the community.
Anonymous Coward says:

These agencies would apparently rather see journalists and activists harmed than watch a single article they dislike from reaching the public.

Make no mistake about the intent here. Their "suspected criminal" is the journalist. Why? Because the journalist dared to speak in a way they disapprove of.

Anonymous Coward says:

Every country is doing the same thing! Why? Because there isnt a single country, democratic or otherwise, where the government isnt as corrupt as it can be! Where every politician is getting underhand payments for helping some person, company or industry get something it wouldn’t otherwise have got and in doing so, the public are screwed, over and over. We all hear tales of what’s going on in Russia, China and other places but dont be fooled into thinking it aint happening here! How the hell did the movie industry get how it is? What about the telecoms industry, the mobile industry and the tv industry? All are able to get massive handouts, not do anything that the handouts were give for and pocket the publics cash! Never any punishment, no fallout, nothing! Even the body that is supposed to look after the publics interests specifically, falls over itself, unable to do the various industries biddings fast enough! How is this not a corrupt society? Everything is done to ensure the ‘few’ get maximum benefit, maximum reward, for maximum length of time, off of the enslaved backs of everyone else, backed admirably by all sectors of law enforcement!

anoncoowie says:

Something like ad nauseum might help

Dumb phones are a decent notion. One of the FOSS tools for the web browsing ad blocker community, ad nauseum, takes a different approach: poisoning the well. The pair, a phone that is just a phone, and a smartphone that just spews mashed up text full of attractive keywords might be valuable. Isolating a valid bit of information from a firehose is harder both for machines and humans.

ROGS Vulva studies says:

re: electronic implants and gang stalking

In the para-linguistic terminology of cops, intel agents, private contractors, et al who are online gang stalkers, this is what THEY call "electronic implants," while sheep dipping the dialectic with psychobabble and gibberish about bio-implants and sattellite connected chips.

The use of para-language confuses the average onlookers ability to understand the terms, phrases, and dialectic of organized gang stalking.

But the NSA et al really do use computer/cell phone monitoring software that is defined as "electronic implants" and this was most notable in the Equation Group of hackers, tied to the NSA, who did this shit surreptitiously for fourteen years before they were outed.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...