Take extra precaution against attackers
Malware is potentially the most dangerous attack against an activist, as it provides easy access to account information as well as extensive personal and project related documentation. There is no single or simple method to protect yourself from malware, but you can make yourself a more difficult adversary.
Keep in mind, however, that specialized and targeted malware will not be detected by even the best anti-virus software. Steps 1 and 2 make you safer against older malware, but only by changing your behavior will you improve your resilience.
- Step 1: Regularly check for updates to all of your software, especially your operating system and your browser
- Step 2: Install and configure an anti-virus program (see above) and make sure it updates automatically. Some anti-virus programs will stop after their trial period expires without warning.
- Step 3: Change your own behaviors. Email and chat attachments are common ‘attack vectors’ where a compromised computer of a friend will automatically try to send malicious attachments to the owner’s entire address book. Ask people to send documents in plain text where possible and never open unexpected attachments without carefully verifying that the sender intended to send it! Tibet Action’s ‘Detach from Attachments’ provides further suggestions. Using a third party service like Google Docs to open office documents and spreadsheets can also let you see and edit the content with a much lower risk of a malware infestation.
- Step 4: Further protection can be provided by adding plugins to your browser such as HTTPS Everywhere or NoScript (for firefox).