This Site Requires JavaScript Enabled.
Toolkits
  • IN Individuals Toolkit
  • SB Small Business Toolkit
  • ET Elections Toolkit
  • JO Journalists Toolkit
  • MBO Mission-Based Toolkit
Journalists / Prevent Phishing and Malware
Prevent Phishing and Malware: Imagine This...
By Julian Hayda
03/16/21
Ransomeware image

Imagine you’re a contributor at a major television station. You’ve long been contracted to provide expert analysis on breaking news events. You’re by the station so often that the staff has even lent you a computer and carved out some desk space for you. Your work is highly specialized and sometimes requires you to download large files from around the world.

One day, you’re about to go on the air for a primetime roundtable discussion. You edit your notes, which you researched and fact-checked thoroughly, up until minutes before you go on the air. It’s no big deal. Like clockwork, you run into the studio during a commercial break, ready to grab your papers and take your seat – except this time, there are no papers in the printer. You panic a bit but have no choice but to join your fellow panelists and improvise on air.

You go live, and all is going relatively well until the teleprompter freezes. The host, without skipping a beat, announces a commercial break, hoping to fix the issue. But the commercials don’t start. All of the computers in the building have frozen and some have shut down entirely. Engineers in the control room resort to pushing physical VHS tapes into ancient hardware to keep the station on the air. The station likely suffered from a malware attack, and it probably came from one of those files you downloaded.

This story echoes one that happened in 2017 at one of the largest public broadcasters in the United States. In less than a day, all 503 employees found that their phones had stopped working, access to the Internet had frozen, and hundreds of hours of recorded interviews were rendered inaccessible. A malware attacker demanded $2,500 worth of bitcoin to return every computer to normal. The malicious software was likely introduced by a contributor or employee who was permitted to install third-party software onto a station-owned computer.

The FBI advised the station not to comply with the attacker’s demands, as it might lead to further vulnerabilities. The station’s nine IT professionals took to erasing all computers and devices, leading to months of hand-written communications and analog technologies lending to broadcast. In the end the station was able to recover but only after investing nearly half a million additional dollars into cybersecurity infrastructure.

Every year many journalists fall victim to these kinds of malware and phishing attacks, and it can be difficult to survive. In addition to revenue loss, this can lead to expensive recovery costs, data loss, damage to reputation and more. Fortunately There are many ways to prevent a situation like this. They begin with a good sense of what’s safe or not safe to do on the Internet, but there are also software solutions that can catch an issue before it spirals out of control, affecting sources and colleagues.

The tools included in the “Prevent Phishing and Malware” toolbox aim to help prevent these types of attacks. Included are: DNS security (DNS, or Domain Name Service, is the method by which you are able to navigate the Internet) to help prevent you from going to infected websites; anti-virus software to help prevent viruses and other malicious software from getting into your systems; and ad blockers to help prevent online ads, which can carry viruses. We recommend considering use of one of each of these tools on the devices you identified in the “Know What You Have” step. 

Use the GCA Cybersecurity Toolkit for Journalists to access tools to assist you in setting up DNS security to block known malicious websites. Also check out the tools to help install anti-virus software and ad blockers.

The author, Julian Hayda, is the Craig Newmark Journalist Scholar at the Global Cyber Alliance. You can follow him on Twitter or connect with him on LinkedIn.

Back to Blog Next Post
  • About
  • Community Forum
  • Submit a Tool
  • Privacy Policy
  • Terms of Service
  • Legal Notice
  • Artificial Intelligence Policy
    and Disclosure
  • Invest in Us

Copyright @ 2025 Global Cyber Alliance | Sitemap

Scroll to top

Tool Types

Third Party Tool
Policy Document
Instructions
Third Party Scan
Video

Time

“Time” defines the approximate time it will take to implement the tool, including installation and setup. Based on your system and experience, the time may be longer or shorter than the time estimated.

Tool Levels

Level 1

Requires minimal technical knowledge to complete setup. Users with little-to-no familiarity with computer systems will still easily be able to implement Level 1 tools.

Level 2

Requires basic technical understanding of operating systems and settings controls. Users with a basic understanding will be able to easily implement Level 2 tools.

Level 3

Requires an intermediate level of understanding to implement. Users will need an intermediate understanding of computer systems and code languages.

Level 4

Requires advanced levels of understanding of computer systems, settings and code languages. Users will need experience with advanced system configurations.

Support

Contact Us
[email protected]

Community Forum
https://community.globalcyberalliance.org/