Due to their valuable data, journalists can become targets of ransomware attacks, online attacks that block a user’s access to their own files with the intent to sell or use as blackmail. RSF and tech expert Ben Finn explains what journalists can do to reduce their likelihood of becoming a victim.

Ransomware is a form of malware technology that blocks a user’s access to their files unless a “ransom” is paid to get it back, usually a large sum of money in the form of cryptocurrency. Ransomware attacks are appealing to hackers because they are less risky and can be automated to target millions of devices at a time. Large companies may lose millions of dollars a day if their systems are down, and are even more likely to pay large sums to regain access to operations.

In 2021, one of America’s largest insurance companies reportedly paid hackers a $40 million ransom during a cyber attack. Ransomware is so prevalent that paying criminals can purchase ransomware tools from black market companies to help them carry out attacks. Some state actors like North Korea engage in ransomware attacks to generate stable GDP. 

Journalists are at risk in particular because of the valuable data stored on their devices such as high-profile contacts, confidential government information and sensitive sources. Hackers may employ various methods to access user data, such as using email phishing campaigns, or taking advantage of software vulnerabilities and remote desktop protocol (RDP), a system which enables users to remotely access and control devices running on Windows.

6 ways to protect against ransomware

  • Regularly backup your system on an external hard drive or cloud system. This can include the operating system and large software. Backup sensitive files immediately, and all other files once a month. If you can access your archive on the backup, you don’t need to pay the ransom. 
  • Update hardware and software. Old hardware like a laptop or phone may have built-in vulnerabilities that are difficult to fix. Outdated software, such as operating systems (OS) or web browsers, are full of security vulnerabilities from downloads. Keep your system up-to-date with auto updates turned on.
  • Install anti-virus software. There are many inexpensive or free security solutions – like Avira or AVG – that are easy to use and automatically scan devices for viruses and malware.
  • Use safe habits online. Never click on links if you are unsure of the source. Some may contain code that can download a virus, hack your contacts’ accounts or shut down an entire system. 
  • Avoid unsecured networks. Connecting to public Wi-Fi, leaving your Bluetooth or AirDrop on, and connecting unknown USB devices can increase the likelihood of a security breach. If physically plugging in a device is required, consider the use of a USB condom.
  • In case of an attack, make a clean reinstall. If you are the victim of a ransomware attack, wipe your device and reinstall your operating system, software, and backed up files immediately afterwards. Since some viruses can install themselves into OS backups, wipe the entire OS.

Written by Benjamin Finn. From Houston (USA), Benjamin has been in the IT field for a decade, during which his primary focus was the deployment of internal security tools across large enterprises. Over the last two years, he has been researching on how to maintain proper security in the context of an oppressive nation-state, specifically in the context of Myanmar. He has also been working with multiple groups in Taiwan to train them on proper security and safety measures.