A Practical Guide to Threat Modeling for Activists
Introduction: Proactive Self-Defense
Threat modeling is the process of thinking systematically about what you need to protect and who you need to protect it from. For activists, it’s not about paranoia; it’s about proactive self-defense. It helps you identify potential threats to your work, your safety, and your community, allowing you to make informed decisions about which security measures are right for you. This guide will walk you through the basic steps to create your own threat model.
Core Concepts Explained Simply
To build a threat model, you need to answer a few key questions. Let’s break them down.
1. What are your ASSETS?
Assets are the things you need to protect. They can be digital or physical. Think about what would cause harm if it were exposed, stolen, or destroyed.
- Your Identity & Anonymity: Who you are.
- Your Location: Where you are, where you live, or where you meet.
- Your Communications: Emails, text messages, phone calls.
- Your Data & Files: Research, plans, documents, photos.
- Your Contacts: The list of people you work with and trust.
- Your Equipment: Laptops, phones, cameras.
- Your Reputation: Your credibility and public image.
2. Who are your ADVERSARIES?
Adversaries are the individuals or groups who might want to harm your assets. Be realistic about who has the motivation to target you.
- State Actors: Law enforcement, intelligence agencies.
- Counter-Protesters or Opposing Groups: Groups with conflicting goals.
- Online Harassers & Trolls: Individuals who attack you online.
- Malicious Hackers (Black Hats): Individuals trying to break into your accounts for various reasons.
- Insiders: Someone within your group who may not have good intentions.
3. What are their CAPABILITIES?
Capabilities are what your adversaries can realistically do. A random online troll has very different capabilities than a government agency.
- Online Surveillance: Monitor social media, read public posts, track connections.
- Physical Surveillance: Follow you, watch meeting spots.
- Technical Attacks: Phishing (fake emails to steal passwords), hacking into accounts, deploying malware.
- Legal Action: Subpoenas, arrests, lawsuits.
- Information Operations: Spreading disinformation to damage your reputation.
- Resource-Intensive Operations: For state actors, this could include mobile phone tracking or obtaining data from tech companies.
4. What are the RISKS?
Risks are the potential negative consequences if an adversary successfully compromises one of your assets. This is where you connect assets to adversaries.
- Risk: An online harasser discovers your home address (Asset: Location). Harm: Physical danger, intimidation of you or your family.
- Risk: Law enforcement reads your unencrypted plans (Asset: Data). Harm: Disruption of activities, potential arrests.
- Risk: A hacker takes over your social media account (Asset: Reputation/Equipment). Harm: Spreading false information, loss of credibility, alienating supporters.
Your Threat Modeling Worksheet
Copy this template and fill it out for yourself or your group. Be honest and realistic. Your threat model can change over time, so revisit it periodically.
Step 1: Identify Your Assets
What do I/we need to protect? (List at least 3)
- Asset 1: _________ (e.g., My private list of contacts)
- Asset 2: _________ (e.g., The location of our next meeting)
- Asset 3: _________ (e.g., My personal anonymity online)
Step 2: Identify Your Adversaries
Who might try to target my/our assets?
- Adversary 1: _________ (e.g., Online trolls)
- Adversary 2: _________ (e.g., Local law enforcement)
- Adversary 3: _________ (e.g., A counter-protest group)
Step 3: Assess Risks & Capabilities
For each asset, consider the adversaries and what could happen. Fill out the table below.
| Asset | Adversary | What can they do? (Capability) | What is the harm? (Risk) | How likely is it? (Low/Medium/High) |
| --- | --- | --- | --- | --- |
| Example: My anonymity | Online harassers | Doxing (publishing my private info) | Threats to my safety, job loss | High |
| Example: Meeting location | Counter-protesters | Physical surveillance, showing up to disrupt | Disruption of event, potential for violence | Medium |
| | | | | |
| | | | | |
| | | | | |
Step 4: Decide on Mitigations
Now that you understand the risks, what concrete steps will you take to protect your assets?
- To protect [Asset 1], I will: _________ (e.g., Use an encrypted messaging app like Signal and avoid cloud backups of chats).
- To protect [Asset 2], I will: _________ (e.g., Only share the location one hour before the event via secure channels).
- To protect [Asset 3], I will: _________ (e.g., Use a pseudonym online, use a VPN, and scrub my photos of metadata before posting).