GET HELP TO COMBAT SPYWARE THREATS
FOR CIVIL SOCIETY AND HUMAN RIGHTS DEFENDERS:
The Security Lab offers a free-of-charge Digital Forensics review service for human rights defenders, activists, journalists, and other civil society members at risk. If you have strong reasons to believe your accounts or devices may have been targeted by spyware, you can contact us using the support request form below.
FOR TECHNOLOGISTS:
Amnesty International has developed the Mobile Verification Toolkit a tool to facilitate the consensual forensic analysis of Android and iOS devices, for the purpose of identifying traces of compromise. It continues to be maintained by Amnesty International and other contributors.
MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. MVT is not intended for end-user self-assessment.
Mobile Verification Toolkit (mvt.re)
SUPPORT REQUEST
If you are a member of civil society, please complete the form below to get in contact with our team at the Security Lab.
Note: The Security Lab is not in a position to provide general digital security trainings or technical support.
All requests will be reviewed by our team of expert Technologists. However – we will only have capacity to respond directly in those cases where we determine that:
1) your case fits within our remit to support civil society; and
2) where we believe that there is a reasonable chance that an investigation by our team may find evidence that a spyware attack has taken place.
For this reason, we strongly request that you include as much relevant information on the secure form as possible on your circumstances and the reasons that you believe you may have suffered from a digital attack of some form.
We aim to review all requests within a week.
How do we determine if someone has been targeted by spyware?
The Security Lab uses a variety of research methodologies to understand the surveillance threats that impact civil society, including if an individual has been targeted by spyware. This includes gathering threat intelligence by tracking the sale and deployment of various spyware products and surveillance systems. In addition, through forensic investigations we gather information from mobile phones or devices like laptops to look for signs of malicious activity, which may indicate a digital attack has occurred.
The Security Lab also supports other civil society helplines and partner organisation to improve and validate their own capacity to detect digital threats.
1. Reaching out to us
The best way to reach out to us is to complete the Helpline form above. The secure form will guide you through a series of questions to understand your current situation and concerns, which will help us identify the adequate support for your needs.
We aim to respond to your request within a week.
2. Vetting and mandate check
Before we respond to your request, Security Lab staff will conduct a vetting and mandate check process to ensure the individual seeking assistance is a member of civil society, and that the type of assistance requested falls within the range of services we can provide. As part of this process, the Security Lab may refer the individual to another organisation or reject a request for support. Please note the Security Lab is unable to respond to requests which are not from civil society.
3. Tailored digital forensics
If your case requires digital forensics to detect traces of spyware, the Security Lab has developed tailored methodologies to support you. The methodologies used to perform digital forensics will depend on your device or online service, as well as your specific circumstance.
We will need to understand your specific needs to offer specialised support on a case-by-case basis. The more detailed answers that you can send in the Helpline form, the better. If we require additional information, we will contact you directly on a separate, encrypted communication channel.
4. Confirmation of results
After performing digital forensics, the Security Lab will inform you of the results. Although we intend to provide the best possible service and guidance, we cannot guarantee that the information or services provided are completely accurate or reliable. There is always a possibility that a device may be targeted in a way which is not detectable during the forensic analysis. We recommend continued caution when relying on the devices, especially in particularly sensitive security contexts.
The Security Lab may also recommend specific actions, tools and features to mitigate or manage security risks, depending on your circumstances. To support digital resilience and security, we have made public a list of our recommendations.
How do we ensure your privacy is protected?
Amnesty International’s Security Lab is committed to ensuring the privacy of all our users. We have long campaigned for the right to privacy and that is a core tenet of our work.
To provide digital forensics support, the Security Lab may require personally identifiable information, such as requesting access to your devices and their contents. We will only request the necessary data to fulfil our purpose of providing digital forensics support. We take appropriate security measures to ensure that we keep your information secure, and we will not share your forensic information with third parties (such as partner organisations) unless you have given your permission, we are legally required to, or it is crucial to provide adequate support. If you are under 18 years old, please make sure that you have your parent/guardian’s permission before giving us personal information.
For a clear explanation on what type of information we collect, how it is collected and used, and what your rights are, please refer to our Privacy Policy.
How do we support against other forms of targeted digital attacks?
Spyware is one form of digital attack, but governments and non-state actors may use other forms of targeted digital attacks. To support building your digital resilience and security, the Security Lab has brought together a Digital Security Resource Hub.
In the Hub you can find:
- Recommendations to protect your devices and data. Not all individuals face the same level of risk, so recommendations are grouped by risk level.
- Digital and information security resources created by civil society organisations and available in multiple languages for different geographies. All resources listed are free, accessible, high quality and are regularly updated. These include:
- Helplines and helpdesks if you need immediate support;
- Guides and tools you can use to enhance your digital resilience and security.
This list is updated on an ongoing basis, so please feel free to suggest additional resources and share any feedback by contacting us.