Technical Environment Issues

Building upon the concepts introduced earlier, let’s delve into technical aspects using the digital security manuals from the Kicksecure Project as a reference.

As outlined in these guidelines, the most critical threats to a computer include the following:

  • Man-in-the-Middle (MITM) Attacks: These occur when an intruder intercepts communication between OSINT team members, potentially accessing and manipulating confidential information.

  • Malware Injection: This involves inserting malware into messages, documents, or emails shared among the OSINT team with the aim of compromising systems.

  • Phishing: Phishing attacks, part of the social engineering mentioned earlier, have a technical side: adversaries try to trick team members into divulging personal information or sensitive credentials, often through deceptive emails.

Note: Phishing and social engineering are related concepts, but each addresses a different approach to manipulating individuals to obtain confidential information. Here are the fundamental distinctions between the two terms:

    • Phishing: Refers to a specific type of cyberattack where attackers try to deceive people into disclosing confidential information, such as passwords, credit card details, or banking information. This is typically accomplished through emails, instant messages, or fraudulent websites that impersonate legitimate organizations.

    • Social Engineering: A broader approach encompassing various techniques to manipulate or deceive people, not limited to the digital realm alone. It involves leveraging human vulnerabilities to gain access to confidential information, whether in person, over the phone, by email, or through other means.

  • Ransomware Attacks: Ransomware is a type of malware that encrypts files on personal computers or file servers, potentially compromising key project files and folders.

  • Outdated Applications: Attackers exploit vulnerabilities in outdated applications or systems, potentially leading to the breach of personal computers.

  • Distributed Denial of Service (DDoS) Attacks: In this type of attack, servers and communications are overwhelmed with fake traffic, rendering services inaccessible.

  • Attacks against Remote File Servers: These target remote file servers where the team shares data, aiming to access, modify, or exfiltrate confidential data.

We’ve outlined the primary types of attacks on host computers, though there are many others. Nevertheless, implementing the correct settings and maintaining a cautious mindset can reduce most digital threats.

Unfortunately, investigative journalists and OSINT investigators often lack the expertise to implement the correct settings and usually don’t have the time to learn how to do so. These settings require expertise in cyber defense to implement properly.

Therefore, this project seems infeasible due to the threats and risks inherent in such an ambitious undertaking. But does our security journey end here? Not quite; fortunately, there’s a reasonably simple solution, and I’ll show it to you next. Follow along!