Journalists should know these basic security steps

Journalists should know these basic security steps

As the virtual world settles into our lives day by day, the number of dangerous traps here is increasing. It is also important that journalists, who are in contact with new people every day, protect themselves from these traps. So how can we ensure security in the virtual world?

Saying that cyber security is a laborious job, Sinan Eren from Silicon Valley points out that this cannot be solved by doing one thing. Eren, who has been working in the digital security industry for more than 20 years, gives some basic information that will make journalists’ lives easier.

Different password

The bank, social media addresses and/or passwords of your e-mails should not be the same. Using a password you are familiar with on a website for which you have created an account for any reason; It means that if a malicious operation is performed on any website, the passwords of all your accounts are stolen.

If your social media accounts are stolen, there is a risk that your information will be captured, as well as used for campaigns such as fraud or phishing. These fake campaigns are usually the kind that promises your followers/friends more money in exchange for a certain amount.

iPhone and Chrome also have very secure password protection systems. Passwords saved on the iPhone are written to a special microchip. Even if the phone is stolen, it cannot be taken out.

Journalists should know these basic security steps

Two factor authentication

In particular, access to the e-mail addresses of journalists pursued by authoritarian regimes is sought. For this reason, two-step verification must be enabled. It is possible to do this in different ways, such as a code that comes to the phone, applications that generate special codes, or physical keys such as USB sticks. Social media accounts and even games should use this.

Updates

Do not ignore the update notifications coming to your phones and computers to ensure cyber hygiene. It is important to keep up with critical regulations to follow the updates, which are usually sent within 48 hours when a digital vulnerability is detected.

Security products and use of Wi-Fi

If you are using Windows, it comes with Microsoft’s anti-virus. That’s why you have security. New android phones are also secure enough; on old ones you need to use some software.

Wi-Fi technologies, on the other hand, have developed a lot, there is no need to worry as much as before. Using the same Wi-Fi with other people is not such a problem. But if you are doing sensitive work, you can use a VPN. But at this point, it is very important to use reliable VPN companies. For example, companies like NordVPN or ExpressVPN are unreliable.

Hard disk usage

The information on the disc cannot be copied when your computer is stolen or taken by someone. In the past, when you flew to China, they would take you to a separate room, somehow copying the entire hard drive in the laptop. After this started to happen very often, business people started to take disposable computers with them when flying to China. Because, they separate you from everything and pull you aside, while they are copying your hard disk.

In order to avoid such situations, you can completely encrypt your hard disk by using the applications called Bitlocker in Microsoft Windows and FileVault in macOS.

Turn the phone off and on

It is useful to do it every day, especially if you are in critical environments. Many of the software, especially those that go after journalists, like NSO’s Pegasus, have trouble re-activating themselves because they want to leave less traces.

Phishing

Although we have developed an immunity to such issues, sometimes links can be given in messages that can be very convincing. Some journalists investigating some students who went missing in Mexico were tracked using NSO. The journalist was constantly receiving strange messages, one of which was that his wife was cheating on him, another message was about taxes, and the last message was that there were photos about the murders from a number he knew; however, by clicking on the link, it is reported that his phone was infiltrated.

If these links are clicked, there are two options. In one you are expected to enter a username and password; If you turn it off without doing this, it’s fine. In the other (some threats such as NSO) they are entered into your system as soon as you click on the link.

Open an extra virtual Windows or Mac session within the computer. You can open a separate virtual session and reset everything by downloading apps like below to Windows. Even if the system is infiltrated, you can restart everything.

Other considerations

In the past, the software was running as soon as the flash memory was plugged into the computer. Now Windows is protecting; you can still open in a virtual session or use another computer.
It should not be forgotten that there are risks in applications such as Dropbox and WeTransfer. It is useful to open the files shared through these in a virtual session.
Specifying that you are a journalist in Gmail and ticking the “I’m in danger” option allows your account to be audited separately. It is checked to see if anyone other than you is logged into your account, and it is reported immediately.
Apply this as soon as an update is available to the Chrome app.
Regularly back up your data on an external memory.
Use cover tape for your camera and microphones.
Do not allow applications to access microphone, camera or location on mobile. Allow only when you use it.

Views: 546