September 12, 2014 — The IWMF website suffered a complex brute-force attack last Friday, September 5, 2014. The website that features the work of the IWMF and promotes the empowerment of women journalists worldwide, was defaced and most of its original content destroyed.
Using password-cracking software, a hacker operating from Turkey attacked iwmf.org, a WordPress-based website, with over 3,000 login attempts until gaining access to its backend. The hacker replaced the IWMF’s extensive website with a single page displaying the message “Hacked – Good Bye Admins” and installed malicious code to block anyone else from logging in. The website was fully restored and functional less than 36 hours after the attack was detected.
The severity of the breach, as well as the hacker’s advanced methods and systematic approach, suggest that this incident was a targeted attack against the IWMF and its mission to strengthen the role of women in the media.
Digital threats against women journalists have become a growing concern in recent years. A study on Violence and Harassment against Women in the News Media, published by the IWMF and the International News Safety Institute earlier this year, shows that nearly 20% of women journalists who participated in the study had experienced tapping, hacking and/or digital security threats.
Have you ever experienced tapping, hacking and/or digital security threats?
More than one in five (21.1%/106 of 502) respondents said they had experienced digital/online account surveillance, while 20.3% (104 of 512) reported email or other digital/online account hacking and 14.6% (74 of 428) said they experienced another form of hacking (personal websites and online news sites were commonly cited targets). Around one in five (20.9%/111 of 532) said they had experienced phone tapping.
Some respondents (19.2%/41 of 214) reported they had source material stolen, including the identity of sources, emails and interview content. The most commonly named medium for stealing source material was email hacking.
Nearly half of the journalists who experienced tapping, hacking and digital security threats (45.6%/68 of 149) said they “don’t know” who the perpetrator was, while more than a quarter (27.5%/41 of 149) said it was a government official, 15.4% (23 of 149) named police as the perpetrator and 12.1% (18 of 149) selected “other,” (comments mentioned activists, story subjects, lobbyists and competitors).
The most common targets for breach among 469 reported incidents were personal email accounts (19%/89) and work email accounts (17.3%/81). Other channels where hacking was reported included personal mobiles (14.5%/68), social media accounts (12.6%/59), and work mobiles (11.9%/56).
As one of the thought leaders in the field of women journalists’ security, the IWMF has increased its efforts to raise awareness for this issue. In October 2013, the IWMF hosted a panel dedicated to the subject at the annual conference of the Online News Association (ONA). Titled “Courage Under Digital Fire“, the panel featured three IWMF Courage in Journalism Award winners from Azerbaijan, Colombia, and Thailand, who have faced digital threats in the pursuit of their journalistic work.
In addition to hostile environment training, provided by Global Journalist Security, select IWMF fellowships, such as the Western Sahara Reporting Fellowship, have also included digital security training, teaching IWMF fellows how to protect their digital data and devices.
Claudia Julieta Duque, Colombia | 2010 Courage In Journalism Award
Khadija Ismayilova, Azerbaijan | 2012 Courage In Journalism Award
Chiranuch Premchaiporn, Thailand | 2011 Courage In Journalism Award