Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society
UNITED STATES. DEPARTMENT OF HOMELAND SECURITY. OFFICE OF INTELLIGENCE AND ANALYSIS; UNITED STATES. FEDERAL BUREAU OF INVESTIGATION; CANADIAN CENTRE FOR CYBER SECURITY; ESTONIAN NATIONAL CYBER SECURITY CENTRE; JAPAN COMPUTER EMERGENCY RESPONSE TEAM COORDINATION CENTER; NATIONAL CENTER OF INCIDENT READINESS AND STRATEGY FOR CYBERSECURITY JAPAN; FINLAND. NATIONAL CYBER SECURITY CENTRE; JAPAN. NATIONAL POLICE AGENCY; UNITED KINGDOM. NATIONAL CYBER SECURITY CENTRE
From the document: "Civil society--nonprofit, advocacy, cultural, faith-based, academic, think tanks, journalist, dissident, and diaspora organizations, communities, and individuals involved in defending human rights and advancing democracy--are considered high-risk communities. Often, these organizations and their employees are targeted by state-sponsored threat actors who seek to undermine democratic values and interests. Regularly conducted as a type of transnational repression (also referred to as digital transnational repression), state-sponsored actors compromise organizational or personal devices and networks to intimidate, silence, coerce, harass, or harm civil society organizations and individuals. According to industry reporting, state-sponsored targeting of high-risk communities predominantly emanates from the governments of Russia, China, Iran, and North Korea. Actors typically perform extensive pre-operational research to learn about potential victims, gather information to support social engineering, or obtain login credentials. Actors target organization networks or personal accounts (e.g., email) and devices of individuals for surveillance and monitoring, often via spyware applications--malicious software that collects data from affected devices. This guide provides recommendations for civil society organizations and individuals to mitigate the threat of state-sponsored cyber operations based on observed malicious behavior. The guide also provides recommendations for software manufacturers to improve the security posture of their customers."
UNITED STATES. CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCY. 14 MAY, 2024. 19p.