You stand on the platform waiting for your train. A man stands close to you. Too close. He takes out his phone and starts speaking in Russian, loudly, and when you look toward him, he's staring at you.

KGB intimidation tactics are on the rise as Russian activity has come under greater scrutiny by American press. Over the past few years, the attacks have become more sophisticated, with state-sponsored hacking groups like Fancy Bear targeting journalists' phones, computers, and messaging platforms.

Entire news organizations have been bombarded by phishing attacks, attempting to gather information on individuals and security measures via email and phone. In the past, journalists have had to focus on keeping secrets from the outside world; now they must also keep secrets from their own employer.

The AP identified journalists as the third-largest group on a hacking hit list obtained from cybersecurity firm Secureworks, after diplomatic personnel and U.S. Democrats. About 50 of the journalists worked at The New York Times. Others were prominent media figures in Ukraine, Moldova, the Baltics or Washington.

The Committee to Protect Journalists has produced a Technology Security guide, offering a rough outline of best practices. Originally published in 2012, the report contains misleading information and does not explicitly detail how to achieve a baseline security posture in today's digital environment.

Editorial Disclosure: Nefarious Laboratories has developed a comprehensive Digital Security & Training service for journalists, activists, and political campaigns.

Published December 22, 2017

UPDATE January 18, 2018

The Electronic Frontier Foundation and a mobile security firm have released a joint report detailing an organization known as Dark Caracal, operating out of the Lebanese General Security Directorate (GDGS) in Beirut. Since 2012, the group has stolen data from journalists, corporations, and military officers in 21 countries using malware hidden in fake versions of secure messaging apps. According to the report, the attacks relied heavily on social engineering, convincing targets to download and install the apps themselves.

We depend on the support of readers like you to fund research initiatives and product development.