The OPSEC of Protesting
2021-06-12, 14:00–14:25, Track 2

IT both facilitates and complicates the human condition in the tradition of protesting. Activists and those supporting them need to be aware of the risks of social demonstrations. Here we dive into communication strategies for activists, as well as the basics of OPSEC. We discuss security hygiene in this context. We will also show these principles with case studies of the Civil rights movement, BLM, Hong Kong protests, Election protests, and recent hacktivist attacks against Parler and Gab.

  1. Intro (2 mins)
  2. OPSEC basics (5 mins)
    - Why is stealth mode necessary?
    - OPSEC is the process of identifying what information can be gathered by the opposition and what measures can be taken to reduce risk of exposure.
  3. The Adversary (10 mins)
    - Different strategies for different types
    - Hostile vs Permissive Governments
    - How interconnected the activist community is
    - Tactics to monitor or shut down social movements
  4. Tactics (6 mins)
    - Basic security hygiene plays a good role here
    - Controls implemented depend on risk tolerance
    - VPN, Encrypting data at rest and in transit, Burner phones, MFA, strong passwords, selection of online platforms/communication tools,
  5. Conclusion (2 mins)

Ochaun (pronounced O-shawn) Marshall is a developer and security consultant with a background in computer science education and machine learning. In his roles at Secure Ideas, he works on ongoing development projects utilizing Amazon Web Services and breaks other people's web applications. When he is not swallowing gallons of the DevOps Kool-Aid, he can be found blasting Two Steps from Hell while hacking, blogging, and coding.