Meet the team that investigates when journalists and activists get hacked with government spyware. For over a decade, dozens of journalists and human rights activists have been targeted and hacked by governments worldwide. From Ethiopia to the United Arab Emirates, these activists have faced real-world violence, intimidation, harassment, and even murder. A team of digital security experts, based in various locations, has played a crucial role in protecting these high-risk communities. They work for the New York-based nonprofit Access Now, specifically its Digital Security Helpline. The mission is to provide a 24/7 service for journalists, human rights defenders, and dissidents who suspect they've been hacked by mercenary spyware. Hassen Selmi, leading the incident response team, explains the importance of this service. Access Now's Helpline is a vital resource for those targeted by spyware, as confirmed by senior researcher Bill Marczak. Apple, in particular, has directed victims to Access Now's investigators when sending threat notifications. The team now handles around 1,000 suspected government spyware attacks annually, with half resulting in investigations and only 5% confirmed as spyware infections. This is a significant increase from 2014 when they investigated around 20 cases per month. The team's growth and increased cases are attributed to better awareness, global availability of government spyware, and more outreach to potentially targeted populations. When someone contacts the helpline, investigators assess the case, ask relevant questions, and may request device backups for further analysis. Access Now also collaborates with CiviCERT, a global network of organizations supporting civil society members targeted by spyware. This network ensures victims have someone to report to, regardless of their location, and helps them navigate the complex world of digital security.
