Much is said about digital security. As an investigative journalist and/or OSINT investigator, the need for vigilance is constant, given the increasing complexity of threats and ever-evolving risks.
In this repository, drawn from my cybersecurity experience, I will guide you through a step-by-step process in constructing a dedicated machine for advanced investigations.
I will address a range of potential issues that may arise during an investigation. I emphasize that, in the realm of protection in the digital world, it is imperative to understand whom we aim to safeguard ourselves from. Unfortunately, this in-depth discussion does not fit within this text, which already has a substantial focus. Fortunately, a few weeks ago, I crafted a specific article on how to protect oneself and, primarily, understand who our adversary is. The link to identify the adversary and assess the threat level is available here.
Considering the online battlefield in which we are immersed, we will focus on a fictional team of researchers engaged in a project investigating disinformation campaigns orchestrated by hostile governments. These countries represent advanced adversaries, with significant ties to criminal groups, including mercenary militaries, terrorist organizations, mafias, and highly specialized hacker groups (APTs).
In this challenging environment, it is vital for the team to adopt stringent measures to mitigate various risks, thereby ensuring the success of the project.
Within this context, two crucial aspects emerge: First, the people involved and, second, the technologies employed in the project.
People are the backbone, representing a critical mass for the project. They possess feelings and emotions that need to be handled with care. Before any outcome, it is essential to shield them from the collateral effects resulting from the power and malice of adversaries who can attack or traumatize mercilessly. We will address some key points in this regard, seeking the best strategies to circumvent or mitigate the negative effects on individuals.
On the technical front of the project, it is imperative to apply the best configurations, utilize high-quality tools based on available resources, and create an advanced plan to address each technical risk aspect. Given the capacity, knowledge, and determination of the adversary, at some point, they will undoubtedly carry out attacks, infiltrate our systems, and gain unauthorized access. We need to ensure that, when this happens, we are prepared to thwart their success, mitigating significant losses. In this aspect, ensuring that our crucial investigations, research, and data remain uncompromised, and that the identities of team members are not exposed, is of utmost importance.