Detecting and mitigating active technology targeting

This is not easy, because once someone is entrenched in your technology it can be like a game of whack-a-mole trying to get them out.

If you KNOW who is targeting you, that’s half the battle right there. You might have a good idea of their habits, their methods, their motives, and their skill level.

If you don’t know, one of the difficulties is proving you’re being targeted at all. First you have to prove it to yourself, then you can use concrete evidence to prove it to others. Some people will be unwilling to help you without concrete evidence, because they have no way of knowing whether you’re actually being targeted or dealing with a mental health episode.

Map Out Your Technology

Step one is to map out your technology. Make a list of all of your email addresses, mobile devices, phone numbers, network-connected devices, smart TVs, thermostats, smart bulbs, tablets, music players, voice mails, etc.

Shut Down What You Can Shut Down

If an attacker has persistence, i.e. multiple persistent paths into your technology ecosystem, and you have the flexibility, it can be helpful to shut off everything and bring each item back online only when it is confirmed clear or has been reset. Example: resetting and restoring your phone is not helpful if the attacker already owns your email account, and vice versa.

Reset Every Password

Follow the instructions in the Lock Down article and change every single password. Use a password manager with a strong encryption password. Never use the same password twice. Let the password manager generate the passwords for you.

Delete Unnecessary Apps from your mobile devices

Go to your phone’s app store, examine your installed apps, sort them by install date if you can, and look for anything you don’t recognize. An unrecognized app might contain spyware. Factory reset if you can, but AFTER you change the password for the email linked to the phone.

Check your accounts for unrecognized logins

Check each of your social media accounts’ login history. Look for logins from unexpected locations or at unexpected times. Maybe you upgraded phones not too long ago, but instead of destroying that old device, you sold it, gave it to someone, or haphazardly put it aside and someone took advantage of that. If that phone is still linked to your accounts somewhere, that’s a way into your life.
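One way to work through a login history systematically, as an added example that is not part of the original article: it compares each login against the inventory from the mapping step and flags retired devices, unknown devices, unexpected locations and unexpected times. The field names, device names, locations and sample rows are all constructed assumptions; real services export login history in their own formats.

```python
from datetime import datetime

# Constructed inventory from the "Map Out Your Technology" step (hypothetical names).
KNOWN_DEVICES = {"Pixel 8", "ThinkPad T14"}
RETIRED_DEVICES = {"Galaxy S9"}   # sold, given away or set aside
KNOWN_LOCATIONS = {"Portland, US"}
QUIET_HOURS = range(1, 6)         # 01:00-05:59, when you are normally asleep

# Constructed sample rows, shaped like a generic login-history export.
SAMPLE_LOGINS = [
    {"time": "2024-03-02T08:14:00", "device": "Pixel 8", "location": "Portland, US"},
    {"time": "2024-03-03T03:41:00", "device": "Pixel 8", "location": "Portland, US"},
    {"time": "2024-03-04T19:05:00", "device": "Galaxy S9", "location": "Portland, US"},
    {"time": "2024-03-05T02:30:00", "device": "Windows PC", "location": "Riga, LV"},
]

def review_logins(logins):
    """Return (login, reasons) pairs for every entry worth recording in your notes."""
    findings = []
    for entry in logins:
        reasons = []
        if entry["device"] in RETIRED_DEVICES:
            reasons.append("retired device still linked")
        elif entry["device"] not in KNOWN_DEVICES:
            reasons.append("device not in inventory")
        if entry["location"] not in KNOWN_LOCATIONS:
            reasons.append("unexpected location")
        if datetime.fromisoformat(entry["time"]).hour in QUIET_HOURS:
            reasons.append("unexpected time")
        if reasons:
            findings.append((entry, reasons))
    return findings

def format_note(entry, reasons):
    """One line per finding, ready to paste into a dated notes document."""
    return f'{entry["time"]} | {entry["device"]} | {entry["location"]} | {", ".join(reasons)}'

if __name__ == "__main__":
    for entry, reasons in review_logins(SAMPLE_LOGINS):
        print(format_note(entry, reasons))
```

A flagged login is a prompt to investigate, not proof of compromise: travel, a VPN or a late night will also trip these checks.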

Check physical computers, chargers, etc. for unrecognized USB devices

Someone may have planted a keylogger or other device on your desktop computer. When’s the last time you looked closely at the ports, both front and rear? A planted device might look like a flash drive, or a dongle, or it might look like an adapter that sits between the keyboard and the USB port. Anytime you get a brand new charging cable with a device, mark it discreetly so that you will recognize it as yours. Get to the point where you’re only using known cables. There are hacking devices available that simply look like a phone charger.

Limit Device Exposure

If you live alone, consider turning off your devices when you go to bed. Depending on your tech profile, this could even include your wifi router.

Take Copious Notes

If you notice something out of whack, take notes in a password-protected document. Example: you notice an app you don’t remember installing. Note the date you observed the app, the date it was installed (if you can find it), the name of the app, and the name of the developer. You will need facts to convince anyone to act or to help you.

Know Your Limits

If you are the target of a nation-state, or of a person or group with considerable resources and motivation, your best approach is to consult an expert. A persistent and resourceful adversary is beyond the scope of this article. Chances are, if it has gotten that far, you know or suspect who is targeting you, and other approaches with that information in mind might prove more fruitful.

[More to Come… Suggestions/requests welcomed]