IFF OrgSec Village
Internews is hosting the virtual Internet Freedom Festival (IFF) Organizational Security Village throughout this week (June 8-12)! The event is bringing together security auditors, digital security trainers, and other experts and practitioners for a five-day program of over 20 community-led sessions exploring five major themes in organizational security.
Sessions on Day 4 focused on responding to advanced threats. Highlights from Day 4 of the OrgSec village included:
A conversation on community insights to improve automated threat modeling, gathering inputs from a diverse range of individuals and groups regarding the threats they face.
A session demonstrating how to build a threat lab with your bare hands . . . and a laptop.
An overview of digital threat information sharing for human rights.
Key takeaways from the discussions included:
Threat detection isn’t only about fancy technology! A lot of endpoint detection is process and practice-oriented. Impressing the importance of antivirus and software updates, teaching partners what abnormal activity looks like, or making sure they know the process for calling first responders takes training, process development, and awareness raising.
Trust is a key component of threat information sharing. Knowing who and where to share information about threats requires personal connections and existing trust relationships, which can feel like a barrier to entering the space. But community networks like the Computer Incident Response Center for Civil Society (CiviCERT) and information sharing standards such as the Traffic Light Protocol (TLP) can lower barriers and facilitate sharing through established community standards.
Getting started in threat analysis requires trust, skills, and time. Though you will eventually need computers powerful enough to run virtual machines, more advanced skills, and connections to other researchers and communities like CiviCERT, don’t be intimidated by the technical jargon! All it takes to get started is a willingness to learn.
Human rights advocates are facing attacks such as phishing and publication of their identifying details by government or state-sponsored adversaries that are based on online open source intelligence (OSINT) gathering. When threat modeling, it is important to identify the types of public data that makes you vulnerable and that adversaries may try to exploit.