Over the past decade, governments around the world have been targeting and hacking journalists and human rights activists. From Ethiopia to Mexico, from Hungary to Saudi Arabia, these individuals have been victims of sophisticated spyware attacks, leading to real-world violence in some extreme cases. As these threats have escalated, a team of digital security experts at the nonprofit Access Now has stepped up to provide critical support to these high-risk communities.
Based in Costa Rica, Manila, Tunisia, and other locations, the team at Access Now’s Digital Security Helpline works tirelessly to assist journalists, human rights defenders, and dissidents who suspect they have been hacked. Their mission is to provide a 24/7 service for those who have experienced cybersecurity incidents, particularly targeting spyware attacks carried out by companies like NSO Group, Intellexa, and Paragon.
Leading the incident response team at the Helpline, Hassen Selmi emphasized the importance of offering support and guidance to victims of spyware attacks. Access Now has become a frontline resource for individuals targeted by mercenary spyware, with Apple even directing users to the Helpline for assistance when they receive threat notifications.
As Selmi and his colleagues investigate about 1,000 suspected spyware cases annually, the Helpline plays a crucial role in identifying and addressing these threats. With only around 5% of cases resulting in confirmed spyware infections, the team’s efforts have helped victims understand the implications of these attacks and take necessary precautions.
Despite facing an increase in cases, the Access Now team remains dedicated to supporting those at risk. By conducting outreach to vulnerable populations and collaborating with experts like Bill Marczak from Citizen Lab, the Helpline continues to provide essential assistance to those impacted by spyware attacks.
When individuals reach out to the Helpline for help, investigators assess the case, prioritize it based on the severity of the threat, and provide guidance on next steps. Through remote analysis of the victim’s device and thorough examinations for signs of intrusion, the team at Access Now works diligently to protect those targeted by spyware.
Each case is unique, requiring personalized support and advice tailored to the individual’s circumstances. By offering expertise in known hacking techniques and providing recommendations on device security, the Helpline aims to empower victims to safeguard their digital assets and protect their privacy.
As the threat of government spyware continues to evolve, Access Now remains a beacon of hope for those facing targeted attacks. Through their unwavering dedication and expertise, the team at the Digital Security Helpline continues to defend the rights of journalists, activists, and dissidents around the world.
The importance of research and collaboration in supporting victims of spyware attacks cannot be overstated. According to Selmi, it is crucial to involve a diverse group of individuals, not just technical experts, in order to effectively address the needs of these victims. By bringing more people on board and expanding the network of support, we can better understand the complexities of these situations and provide the necessary assistance.
One initiative that has been instrumental in this effort is CiviCERT, a global coalition of organizations dedicated to helping individuals in civil society who suspect they have been targeted with spyware. Through CiviCERT, investigative teams in various regions have been able to share resources, knowledge, and tools to aid victims in identifying and responding to these attacks. This collaborative approach has proven to be invaluable in reaching individuals who may otherwise be isolated or unaware of available support services.
By leveraging the expertise and resources of organizations within the CiviCERT network, victims of spyware attacks can access a wide range of support services tailored to their specific needs. This includes outreach to journalists and other vulnerable populations in regions where access to resources may be limited. Selmi emphasizes the importance of having individuals who can communicate effectively with victims in their own language and cultural context, as this can greatly enhance the support and assistance provided.
Overall, the efforts of CiviCERT and similar initiatives highlight the importance of research, collaboration, and community engagement in addressing the unique challenges faced by victims of spyware attacks. By expanding our network of support and involving a diverse group of individuals, we can better equip ourselves to respond effectively to these incidents and ensure that victims receive the assistance they need.
