Introduction
The Digital First Aid Kit is a free resource to help rapid responders and activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed. The Digital First Aid Kit is a collaborative effort of theย RaReNet (Rapid Response Network)ย andย CiviCERT.How to Use the Kit
Select the problem you are facing and the Digital First Aid Kit will walk you through a set of questions to better diagnose the problem and find resources to help you.I Lost My Device
Is your device lost? Has it been stolen or seized by a third party? In these situations, it is important to take immediate steps to reduce the risk of someone else accessing your accounts, contacts, and personal information. This section of the Digital First Aid Kit will walk you through some basic questions so you can assess how to reduce possible harm related to losing a device.I cannot access my account
Social media and communications accounts are widely used by civil society members to communicate, share knowledge and advocate their causes. As a consequence, these accounts are highly targeted by malicious actors, who often try to compromise these accounts, causing harm to civil society members and their contacts. This guide is here to help you in case you have lost access to one of your accounts because it was compromised. Here is a questionnaire to identify the nature of your problem and find possible solutions.My device is acting suspiciously
Malware attacks have evolved and become highly sophisticated over the years. These attacks pose multiple different threats and can have serious implications to your personal and organisational infrastructure and data. Malware attacks come in different forms, such as viruses, phishing, ransomware, trojans and rootkits. Some of the threats are: computers crashing, data theft (i.e.: sensitive account credentials, financial info, bank account logins), an attacker blackmailing you to pay a ransom by taking control of your device, or taking control of your device and using it to launch DDoS attacks. Some methods commonly used by attackers to compromise you and your devices seem like regular activities, such as:- An email or a post on social media that will tempt you to open an attachment or click on a link.
- Pushing people to download and install software from an untrusted source.
- Pushing someone to enter their username and password into a website that is made to look legitimate, but is not.
- Clicking noises during phone calls
- Unexpected battery drain
- Overheating while the device is not in use
- A device operating slowly
- The device restarts frequently on its own
- Applications crash, especially after input action
- Operating system updates and/or security patches fail repeatedly
- Webcam activity indicator light is on while webcam is not in use
- Repeatedย “Blue Screens of Death”ย or kernel panics
- Flashing windows
- Antivirus warnings
I Received a Suspicious Message
You may receiveย suspiciousย messages to your email inbox, social media accounts and/or messaging applications. The most common form of suspicious emails is phishing emails. Phishing emails aim to trick you into giving up your personal, financial, or account information. They may ask you to visit a fake website or call a fake customer service number. Phishing emails can also contain attachments that install malicious software on your computer when opened. If you are not certain about the authenticity of the message you received, or what to do about it, you can use this questionnaire as a guiding tool to further diagnose the situation or to share the message with external trusted organizations that will provide you with a more detailed analysis of your message. Keep in mind that receiving a suspicious email does not necessarily mean that your account has been compromised. If you think an email or message is suspicious, don’t open it. Don’t reply to the email, don’t click any links, and don’t download any attachments. Now, answer these questions to get a better idea of what is going on.My Website is down, what is going on?
A threat faced by many NGOs, independent media and bloggers is having their voices muted because their website is down or has been defaced. This is a frustrating problem and can have a lot of causes like bad website maintenance, unreliable hosting,ย script-kiddies, a ‘denial of service’ attack or a website takeover. This section of the Digital First Aid Kit will walk you through some basic steps to diagnose potential problems using material fromย My Website is Down. It is important to know that there are many reasons why your website can go down. It can range from technical problems at the company that hosts the website or the not updated Content Management System (CMS) like Joomla or WordPress. Finding the problem and possible solutions to your website’s problem can be cumbersome. It is good practice toย contact your webmaster and the website hostย after diagnosing these common problems below. If none of these options are available to you,ย seek help from an organization you trust. As a start, consider:- Who built your website? Are they available to help?
- Was it built using WordPress or another popular CMS platform?
- Who is your web hosting provider? If you do not know, you can use aย WHOIS online serviceย to help.
Someone is Impersonating Me Online
A threat faced by many activists, human rights defenders, NGOs, independent media, and bloggers is to be impersonated by adversaries that will create false profiles, websites, or emails in their names. This is meant sometimes to create smearing campaigns, misleading information, social engineering, or stealing one’s identity in order to create noise, trust issues, and data breaches that impact the reputation of the individuals and collectives being impersonated. In other cases an adversary may impersonate someone’s online identity for financial motivations such as raising funds, stealing payment credentials, receiving payments, etc.
This is a frustrating problem that can on different levels affect your capacity to communicate and inform. It can also have different causes depending on where and how you are being impersonated.
It is important to know that there are many ways to impersonate someone (fake profiles in social media, cloned websites, spoofed emails, non-consensual publication of personal images and videos). Strategies may range from submitting take-down notices, proving original ownership, claiming copyright of the original website or information, or warning your networks and personal contacts through public or confidential communications. Diagnosing the problem and finding possible solutions to impersonation can be complicated. Sometimes it will be close to impossible to push a small hosting company to take down a website, and legal action may become necessary. It is good practice to set up alerts and monitor the internet for finding out if you or your organization are being impersonated.
This section of the Digital First Aid Kit will walk you through some basic steps to diagnose potential ways of impersonating and potential mitigation strategies to remove accounts, websites and emails impersonating you or your organization.
If you are being impersonated, follow this questionnaire to identify the nature of your problem and find possible solutions.
Are you being targeted by online harassment?
The Internet, and social media platforms in particular, have become a critical space for civil society members and organizations, especially for women, LGBTIQ people, and other minorities, to express themselves and make their voices heard. But at the same time, they have also become spaces where these groups are easily targeted for expressing their views. Online violence and abuse denies women, LGBTIQ persons, and many other unprivileged people the right to express themselves equally, freely, and without fear.
Online violence and abuse has many different forms, and malicious entities can often rely on impunity, also due to a lack of laws that protect victims of harassment in many countries, but most of all because protection strategies need to be tweaked creatively depending on what kind of attack is being launched.
It is therefore important to identify the typology of the attack targeting you to decide what steps can be taken.
This section of the Digital First Aid Kit will walk you through some basic steps to plan how to get protected against the attack you are suffering.
If you are targeted by online harassment, follow this questionnaire to identify the nature of your problem and find possible solutions.
Now, answer these questions to get a better idea of what is going on.
I Lost my Data
Digital data can be very ephemeral and unstable and there are many ways you can lose it. Physical damage of your devices, termination of your accounts, erroneous deletion, software updates and software crashes can all propel a loss of data. Besides, sometimes you might not be aware of how or if your back-up system works, or simply have forgotten about your credentials or the route to find or recover your data.
This section of the Digital First Aid Kit will walk you through some basic steps to diagnose how you might have lost data and potential mitigation strategies to recover it. Here is a questionnaire to identify the nature of your problem and find possible solutions.