What is Digital Security?

Focus on a security mindset before tools

Security tools and approaches will change as threats and adversaries evolve. Early on, the most important step is to develop a security mindset rather than finding the “perfect” tool.

Cultivating this mindset takes time—it involves shifting how you analyze your environment and gradually changing daily habits.

For example, curbing the instinct to share personal updates on social media, and instead using alternative ways to stay in touch with loved ones, can be a small but meaningful first step.

Understand your context

Security tools and approaches will change as the threats and strategies used by adversaries evolve. Threats are highly contextual. A journalist in Mexico may face very different risks than a Dalit woman in India.

Understanding your own context helps you identify the most realistic threats and decide where to focus your resources and energy.

A great exercise is to create a threat model for yourself, your organizations or community where you identify possible threats, how likely they are to happen, and steps you can take to prevent or mitigate them. Your context includes:

• Where you live and work

• The issues you organize or report on

• Who may want access to your information

• Your visibility and public profile

• Your available time, resources and skills - implementing security requires both time and money.

Be highly selective with resources

Not all digital security manuals or tools are created equally, and even well-intentioned organizations may struggle to keep guides updated, and in worse case scenarios, reflecting a threat landscape from years ago that no longer applies.

There is no formal educational path in the emerging field of digital rights/security, so advice from one expert or organization may differ widely from another. Additionally, some manuals are written for specific contexts that may not reflect your own.

Expect emotional reactions

It’s normal to feel overwhelmed, frozen, or anxious when you start recognizing how exposed you are. These feelings are natural, and they don’t mean you’re failing.

The more you learn to anticipate threats and adjust your habits, the more empowered and in control you will feel.

There is no formula to be 100% secure and safe

The technological world has so many variables and each person has vulnerabilities unique to them, it is impossible to account for every risk/threat. 

The best solution would be to never be online, never share information, and never touch devices like phones - however, not even this is full proof. For example, family and friends might share information about you online; if you purchase a home, your address may be listed online via public records, and other data about your life may exist outside your control. 

Your network can be both your greatest asset and your greatest vulnerability

A community is often only as secure as its weakest link.

For example, even if you follow best practices, your personal information could be exposed if someone in your network inadvertently shares sensitive data or leaves a shared database or virtual space unsecured.

At the same time, learning to understand risks, identify vulnerabilities, and develop effective security practices is most effective when done collectively.

Working with your network—whether colleagues, fellow rights defenders, or trusted community members—helps ensure that everyone benefits from shared knowledge and protective measures.

When reaching the stage of selecting technological tools or services

It is important to keep in mind that they are not created equal. Who controls the platform or service you use has access to your information, and you have no guarantee of their promises, or who they share your information with.

Keep the following points in mind when choosing tools or services:

• Self-hosted open source tools can be more secure, particularly if you are hosting the very server that hosts the tools. However, even this comes with risks as well as requiring ongoing technical work and resources.

  Open source tools allow you to see the code to ensure no backdoor (or interference) has been added to the tool you are using. Check out a list of trusted hosting providers.
  

• Download apps and tools from trusted sources: Only download software from official websites or other trusted sources to reduce the risk of malware or tampered versions.

  There have been cases where adversaries make copies of trusted tools and services,” inject them with harmful code, and post them online in websites that look official. 
  

• Encryption matters—but know the type. Encryption can protect your communications and data, but not all encryption is equal. Some protocols offer stronger protection than others, so it’s important to understand what level of encryption a tool provides. 
  

• Be Realistic. Security practices that people cannot maintain, or tools and services that are not being used, are useless.

1. Targeted Attacks

Deliberate digital attacks aimed at a specific person, organization, or community.  Because they require planning and resources, these attacks usually focus on high-interest individuals or organizations.

Targeted attacks can quietly compromise accounts, expose networks, and create cascading harm across movements—not just for the individual but for their broader network. They often combine multiple strategies listed below.

2. Phishing & Social Engineering

Messages (email, SMS, WhatsApp, DMs) designed to trick people into revealing passwords, clicking malicious links, or installing malware.

This is one of the most common ways accounts are compromised—especially during campaigns, crises, or events. Example: you receive a fake “account warning” or a message pretending to be from a colleague or funder, prompting you to click on a link that results in the downloading of malware.

3. Phone Monitoring

Tracking or monitoring of mobile phones to collect information such as location, communications, contacts, or device activity.

By design, mobile phones can show a lot of our personal information without our consent. Phones are deeply embedded in daily life, so monitoring can reveal movements, networks, and patterns of behavior, creating risks for personal, organizational, and physical safety.

As an example, a government requesting that phone providers share data to track an individual’s movements, revealing their home location, or tracking their attendance to a sensitive meeting. Additionally, through the installation of malware or spyware, messages and calls can also be read.

4. Account Takeovers and Data Breaches / Leaks

When someone gains unauthorized access to email, social media, cloud storage, or messaging accounts. A single compromised email account can expose contacts, sensitive conversations, documents, and internal plans.

Additionally, unauthorized access to databases, shared folders, or internal systems can expose data that puts individuals, sources, and entire networks at risk.

5. Malware & Spyware

The unauthorized installation of malicious software that can monitor activity, steal data, or take control of a device. This can be done through a variety of means, including without the target’s actions, such as downloading a fake app, or using an infected USB drive.

6. Doxxing, Harassment, and Online Abuse

Publishing private or identifying information online without consent. It can lead to harassment, physical threats, or targeting of family and community members.

Additionally, coordinated harassment, threats, impersonation, or disinformation attacks can have a chilling impact on freedom of expression.

7. Platform Risks

Dependence on commercial platforms that may censor content, cooperate with authorities, shadowban (limiting visibility without notifying the user) accounts or specific type of information, or suspend accounts that can erase years of work and disconnect communities.

Additionally, social media is also used to “discover” people engaging in specific types of activism or work.

8. Data Aggregation & Profiling

Collecting and combining multiple data sources to build detailed profiles of individuals or organizations. These profiles can be used to predict behavior, target attacks, or justify surveillance and repression.

As an example, an authoritarian actor combines public social media activity, leaked databases, and travel records to map a community organizer’s network.

9. Distributed Denial of Service (DDoS) Attacks

An attack that overwhelms a website or online service with traffic, making it slow, unstable, or completely unavailable to users.

DDoS attacks can disrupt communications, shut down critical services, and silence organizations at key moments—such as during campaigns, elections, or breaking news. A great example is a human rights organization’s website being flooded with traffic and taken offline during a major advocacy campaign.

10. Surveillance via Internet of Things (IoT) Devices

Home smart devices (cameras, microphones, wearables), and public cameras and devices in “smart cities,” can be exploited to monitor people without their knowledge.

They can reveal private spaces, routines, conversations, or movements. As an example, a malicious actor hacking into a smart home device to record a target’s conversations.

11. Disinformation & Manipulation

False or misleading information intentionally spread to confuse, discredit, or manipulate a target audience. This can undermine trust, isolate individuals from their communities, and create reputational harm.

As an example, fake social media posts portraying a journalist as biased or corrupt to reduce credibility.

12. Physical–Digital Overlap

Holistic security recognizes that digital security and physical security are inseparable. Digital threats can lead to offline harm, including arrests, raids, and even physical violence.