When Governments Attack: State Sponsored Malware Attacks Against Activists, Lawyers, and Journalists

Presented at Black Hat USA 2016, Aug. 4, 2016, 3:50 p.m. (50 minutes)

Targeted malware campaigns against Activists, Lawyers and journalists are becoming extremely commonplace. These attacks range in sophistication from simple spear-phishing campaigns using off the shelf malware, to APT-level attacks employing exploits, large budgets, and increasingly sophisticated techniques. Activists, lawyers and journalists are, for the most part, completely unprepared to deal with cyber-attacks; most of them don't even have a single security professional on staff. In this session Eva Galperin and Cooper Quintin of the Electronic Frontier Foundation will discuss the technical and operational details of malware campaigns against activists, journalists, and lawyers around the world, including EFF. They will also present brand new research about a threat actor targeting lawyers and activists in Europe and the Post-Soviet States. With targeted malware campaigns, governments have a powerful tool to suppress and silence dissent. As security professionals we are in a unique position to help in this fight.


  • Eva Galperin - Electronic Frontier Foundation
    Eva Galperin is a Global Policy Analyst at the Electronic Frontier Foundation. Her work is primarily focused on privacy and security for vulnerable populations around the world. To that end, she has applied the combination of her political science and technical background to everything from organizing EFF's Tor Relay Challenge to writing privacy and security training materials, including Surveillance Self Defense and the Digital First Aid Kit, to publishing research on malware in Syria and Vietnam.
  • Cooper Quintin - Electronic Frontier Foundation
    Cooper Quintin is a security researcher and programmer at EFF, working on projects such as Privacy Badger and Canary Watch. His personal mission is to support the efforts of civil society and NGOs through creative use of technology and the hacker ethic. Recently, Cooper has been helping defend NGOs by performing analysis of state sponsored malware campaigns against EFF and other organizations. He has also performed security trainings for activists, NGOs and ordinary folks around the world.