The IRE website will be unavailable while we complete routine maintenance on Friday, April 16 from 8-10 am CT.
IRE favicon

Investigating hacks and data breaches (plus preventing your own)

By Carlie Procell

Julia Angwin of ProPublica and Sri Sridharan of the Florida Center for Cybersecurity spoke about ways to cover data breaches as a journalist, along with ways to protect yourself from the hackers.

Ways to protect yourself from hackers

It’s difficult to figure out if your personal data has been stolen, and it’s even more difficult to figure out who did it. Angwin and Sridharan stressed the importance of taking precautions so hackers can’t easily access your personal data, especially since the majority of data breaches happen due to user error. Here are some useful tips:

  • Two-factor authentication – Many services like Facebook, Twitter and Gmail offer two-factor authentication to access your account. This means that you not only need a password to log into your account, but also a code that is sent to your phone.
  • Long & complex passwords – If your phone isn’t always readily available, Angwin suggested a long and complex password that would be hard for brute-force attacks to crack.
  • Update software – Keep your phone applications as well as software on your computer up-to-date. Those updates usually contain patches to fix known vulnerabilities.
  • Delete software you’re not using – When you download software, even if you’re not actively using it, your device becomes open to vulnerability.
  • Use encrypted messaging apps like Signal or PGP clients like Mailvelope or Postbox for all your conversations with sources.

 

Ways to cover data breaches

  • Be careful when using hacked information for the public good, ask yourself if you’re perpetuating propaganda first.
  • When you find out a company has been hacked, first ask what kind of data has been breached. Then, ask what the company is doing to contain the attack and if they know how long the attacker has been stealing data. Finally, ask what they’re doing to prevent similar attacks in the future. Is it a proactive or reactive response?
  • Ask companies if they have prepared for a breach and what their process would be if it were to happen.
  • Remember that hacking can be a political act and not just a financial act. Pay attention to what kind of data is being breached.
  • Lean on resources like Canada’s Citizen Lab to help you with investigating malware attacks.
  • Look out for future cybersecurity legislation. Currently, there are no fines attached to data breaches. Companies only pay for damages. If there were fines, insurers would have to step in and standards of cyber defense would be put in place to help mitigate attacks.
  • The current federal response to breaches is increased surveillance – for better or for worse.
  • Turn to the International Association for Privacy Professionals when you need legal help in an information privacy case.
141 Neff Annex   |   Missouri School of Journalism Columbia, MO 65211   |   573-882-2042   |   info@ire.org   |   Privacy Policy
crossmenuwarning linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram