When a major cyberattack occurs, media and global stakeholders largely focus on the targeted organization, the ransom amount, and the policy response – while the real experiences of and impacts on affected individuals are often misunderstood or enitrely ignored.
#StillVulnerable is a human-led campaign to remind people that we are all vulnerable to cyberattacks – and to inspire our audience to call on world leaders to follow through with their cybersecurity commitments. By putting our audience in the shoes of a cyberattack victim through real-life storytelling, we show that cyberattacks are not just a shadow war happening in the darkest corners of the Internet. The campaign aims to:
There is no playbook or database of cyberattacks. That’s what makes the experience all the more misunderstood. Digital Peace Now created the campaign from the ground up and undertook an effort to identify and contact victims, build trust and confidence to share their stories, and amplify them among our key audiences - digital natives who are equally vulnerable, but have the power to make a difference.
Research & Info-Gathering:
Researched cyberattacks worldwide and reached out to individuals who were directly impacted by digital attacks.
Carefully considered the diversity of candidates - from the type of cyberattack, location, industry, and personal experience - we would feature in the collection.
Developed interview questions tailored to each individual and the individual’s cyberattack experience.
Challenges: Identifying specific victims from news of cyberattacks, where many could not or would not reveal their identities publicly. Tracking down contact information. Establishing direct contact.
Set up and hosted one-on-one interviews with cyberattack victims to discuss an emotional and very personal experience.
Worked with each cyberattack victim to make sure they felt comfortable sharing their unique story.
Transcribed and edited each interview transcription to make their stories more engaging and digestible.
Challenges: Receiving no response. Establishing trust with people who are afraid, wary, ashamed, generally want to put the experience behind them.
Creation of Artwork:
Created unique illustrations for each #StillVulnerable story that was reflective of the cyberattack victim’s testimonial.
Challenges: Transforming and capturing the emotion of an intangible experience into a visual format.
Publication & Amplification:
Promoted the campaign on Digital Peace Now platforms (website, Twitter, LinkedIn, newsletter).
Coordinated with victims, company ambassadors, board members, partner organizations, and industry influencers to promote the campaign among their networks.
Launched two public Twitter Spaces events featuring cyberattack victims (Gurmehar Kaur and Lama Fakih) to continue to spread awareness for the campaign and the human impact of cyberattacks.
Contacted numerous publications and news reporters to announce the launch of #StillVulnerable.
Challenges: Generating campaign content and outreach material that would interest media reps and engage the general public.
#StillVulnerable’s key objective of humanizing cyberattack experiences - and showing we are all vulnerable to this threat - was achieved through the diversity of voices, stories, and methods of attacks we showcased. Stories included indivudals impacted by some of the most widely recognized cyberattacks, like the Pegasus and Russian attacks on Ukraine, as well as untold accounts and the reasons behind them: financial gain, espionage, political motivations, warfare, disruption, and harassment.
The campaign told 13 stories of men and women spanning:
Industries: Law, healthcare, government, civil society, technology, finance, meat processing, education, and cryptocurrency.
Job roles: Ukrainian cybersecurity agency head, human rights lawyer, nurse, Native American tribal chief, chief information security officer, NGO founder, hedge fund leader, meat factory worker, human rights advocate, college student, civil society advocate.
Countries: United States, Ukraine, United Kingdom, Lebanon, India, Brazil, Afghanistan.
For the initial launch, media coverage included national and trade publications with a total reach of 12.78 million readers. The exclusive story ran in Axios’ Login newsletter with an accompanying standalone piece, with additional pick-up in CyberWire Daily Briefing Newsletter, National CyberSecurity News, Cybersecurity Insiders, IAPP Blog, and ORF’s Humans of the Web podcast.
While we garnered over 1.8 million social media impressions and an average website session time of 4 minutes, our best results were intangible. We received overwhelming positive feedback and support from our network of partners in the digital diplomacy and cyber world, allowing us to uncover more stories and reach more people to speak up about their experiences.