"I need to defend against targeted attacks"

While mass surveillance collects vast amounts of data from the general population, targeted attacks are different. They focus specifically on individuals or groups deemed “persons of interest” by governments, corporations, or malicious actors. This kind of surveillance can be far more invasive and precise; however, it is also less likely to occur for most people.

How Do Targeted Attacks Work?

Targeted attacks use several techniques to infiltrate a person’s digital and physical life. They often involve direct attacks on devices, network interception, and even human intelligence.

Device exploitation is one of the most common methods. Attackers might use malware, spyware, or vulnerabilities in your phone, computer, or IoT devices to gain persistent access. Tools like Pegasus have shown how even encrypted apps can be compromised once the device itself is under control.

Network surveillance targets the transmission of your data. By attacking the infrastructure between you and your services, adversaries can conduct man-in-the-middle attacks, monitor unencrypted traffic, or inject malicious payloads.

Social engineering remains one of the most effective ways to target a device. Phishing emails, malicious attachments, impersonation, and psychological manipulation are used to trick targets into handing over sensitive information or installing malware themselves.

Who Is At Risk?

Targeted attacks can be devastating. They can expose sensitive conversations, reveal confidential information, endanger lives, and destroy trust. Whether you are a journalist communicating with sources, a whistleblower exposing corruption, or simply someone advocating for civil rights, protecting yourself against targeted attacks is essential to maintaining your freedom and safety.

Victims often suffer from feelings of helplessness and anxiety. Recognizing your risk before a targeted attack and preparing accordingly is crucial for this threat model.

Best Practices

1. Harden Your Devices

Ensure that your devices are secure: Keep your operating systems and apps up to date with the latest security patches. Ideally, you should purchase the latest mobile devices that are known for security, such as Pixel phones with GrapheneOS or iPhones with lockdown mode enabled. Install only trusted apps and limit permissions as much as possible.

As for your desktop and laptop computers, full-disk encryption should be enabled everywhere. For sensitive tasks, you should consider installing Linux. An amnesiac distribution like Tails OS, or a security-focused distribution like Qubes OS works well in this threat model. This step reduces the severity of a potential malware infection.
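A concrete check for the full-disk-encryption advice above, added here as an example (not part of the original page, and assuming a Linux host with util-linux `lsblk`): it parses the JSON tree that `lsblk` emits and reports every mounted filesystem, swap included, that does not sit on a dm-crypt/LUKS device, treating /boot as expected plaintext.

```python
"""Flag mounted filesystems not backed by a dm-crypt/LUKS device.
Added example, not from the original page. Assumes a Linux host with
util-linux `lsblk` (JSON output); the parsing helpers run anywhere."""
import json
import subprocess

# Normally left in plaintext on a full-disk-encryption setup: the bootloader
# must read these before the encrypted volume can be unlocked.
EXPECTED_PLAINTEXT = {"/boot", "/boot/efi", "/efi"}

# Constructed sample of `lsblk -J -o NAME,TYPE,MOUNTPOINT` for LVM-on-LUKS.
SAMPLE_LUKS = {"blockdevices": [{"name": "nvme0n1", "type": "disk", "mountpoint": None,
    "children": [
        {"name": "nvme0n1p1", "type": "part", "mountpoint": "/boot/efi"},
        {"name": "nvme0n1p2", "type": "part", "mountpoint": None, "children": [
            {"name": "cryptroot", "type": "crypt", "mountpoint": None, "children": [
                {"name": "vg-root", "type": "lvm", "mountpoint": "/"},
                {"name": "vg-swap", "type": "lvm", "mountpoint": "[SWAP]"}]}]}]}]}

def _walk(node, under_crypt, found):
    """Record mountpoint -> encrypted? for this node and everything below it."""
    under_crypt = under_crypt or node.get("type") == "crypt"
    if node.get("mountpoint"):
        found[node["mountpoint"]] = under_crypt
    for child in node.get("children", []):
        _walk(child, under_crypt, found)

def mounted_filesystems(lsblk_json):
    """Map each mountpoint (swap appears as '[SWAP]') to True if on a crypt device."""
    tree = json.loads(lsblk_json) if isinstance(lsblk_json, str) else lsblk_json
    found = {}
    for dev in tree.get("blockdevices", []):
        _walk(dev, False, found)
    return found

def unencrypted_mounts(lsblk_json):
    """Plaintext mounts worth a warning; unencrypted swap counts, it holds RAM contents."""
    fs = mounted_filesystems(lsblk_json)
    return sorted(mp for mp, enc in fs.items() if not enc and mp not in EXPECTED_PLAINTEXT)

if __name__ == "__main__":
    try:
        tree = subprocess.run(["lsblk", "-J", "-o", "NAME,TYPE,MOUNTPOINT"],
                              capture_output=True, text=True, check=True).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        tree = SAMPLE_LUKS  # no lsblk available: use the constructed sample
    print("root encrypted:", mounted_filesystems(tree).get("/", False))
    for mp in unencrypted_mounts(tree):
        print("WARNING: plaintext filesystem at", mp)
```

An empty warning list together with "root encrypted: True" is the state this step aims for; a "/" or "[SWAP]" warning means the disk contents or memory-swapped data are readable by anyone who takes the machine.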

2. Encrypt Everything

Communicate using end-to-end encrypted services whenever possible. For messaging, rely on tools like Signal or SimpleX Chat.

For emails, prefer PGP-encrypted communications or use privacy-focused providers like Proton Mail and Tuta.

Use encryption software such as Cryptomator or VeraCrypt for sensitive files, and always verify the identities of your contacts before sending anything.

3. Be Skeptical and Vigilant

Be suspicious of unexpected messages, links, and attachments; some of them carry exploits that need no interaction from you at all (zero-click attacks). Use multi-factor authentication (preferably hardware tokens such as a YubiKey) to secure your accounts.

Regularly audit your digital footprint: check what information about you is public, remove unnecessary exposure, and practice good operational security (OpSec) principles like minimizing what you share online.

This approach also applies to your family members and colleagues. Often, a threat actor will also target the associates of their victims even if the intended target practices good OpSec. If you believe that this could happen to you, communicate this possibility to potential victims and educate them on mitigation steps.

Last edited by @jonah 2025-05-08T00:33:00Z