Home of internet privacy

An introduction to threat modeling

If you are always worried about your ISP, corporations, and the government spying on you, maybe it’s time to complete an exercise called threat modeling.

It sounds like something the Pentagon does in a war room, but it’s a term used by software developers anticipating security issues in their code. Practically speaking, threat modeling is something everyone should do when considering how to safeguard their data.

Follow the steps below to transform your vague paranoia into a rational game plan and get some peace of mind:

What is threat modeling?

A good threat model is a thorough description of five things:

  1. What you have to protect
  2. Who you want to protect it from
  3. The probability of them getting it
  4. How far you’re willing to go to protect it
  5. What would happen if you failed

1. What you have to protect: The assets

Don’t think of this as asking “What do you have to hide?”. Just try to think of all the types of data you have on your digital devices, where you keep them, and how many copies exist.

Emails, photos, messages, documents: How much of it is in the cloud, and how much is only on local devices? How many of those local devices connect to the internet (smartphones, laptops), and how many don’t (hard drives, USB)?

2. Who you want to protect it from: The adversaries

For each asset, think about the consequences of it falling into the wrong hands. For instance, if you’re a journalist, you may have several politicians and/or corporations who would like a look at your contact list.

Maybe you have certain people whom you wouldn’t want to access your social media profiles. Don’t limit your thinking to just the people with the technical know-how to obtain your assets, because we’ll get to that in the next step.

3. The probability of them getting it: The risk

For each adversary, think of how likely he/she is to gain access to your data, or even attempt an attack in the first place. This will depend on their technical skill level, motivation, and intent.

Your neighbor might enjoy some free Wi-Fi now and again, but she might not be devious or motivated enough to try to steal your password. If you work in sales, your competitor has a financial motivation to see your private emails, but are they technically able to hack into your laptop?

Your ISP has access to your browsing history (unless you use Tor and/or a VPN), but are they likely to use it to blackmail you? Maybe you don’t like the idea of ISPs having your data in the first place (we certainly don’t!), but it’s still helpful to be realistic about threat likelihood, mostly just for sanity’s sake.

4. How far you’re willing to go to protect it: The cost

If you’ve read this far, chances are you’re no slouch when it comes to internet privacy. But it’s worth considering how much time (and money) you’re willing to spend to protect your assets.

For most people, a subscription to a private, encrypted VPN service is the easiest solution, but there are many additional measures you can take if you’ve evaluated your situation as high-risk.

Some tools are free, some cost money, but all will take a little bit of time to set up. Think about cost vs. benefit before you treat it like a strict to-do list.

5. What would happen if you failed: The consequences

Finally, take a look at the worst-case scenario. Everyone has private data, but the implications of compromised data are different for everyone. Is it financial ruin? Marital destruction? Crippling shame and social exile? All of the above? Or maybe nothing at all?

Privacy is for everyone, regardless of whether you think you have “something to hide.” Just because you’re not doing anything illegal doesn’t mean you should let the government snoop on your online traffic. People behave differently when they know they’re being watched, so think about the consequences to your long-term psychological health as well!

Remember, you can’t stop all the bullets

The internet is as life itself, you can never be entirely out of harm’s way. But hopefully, the simple exercise of threat modeling is enough to put your paranoia in perspective!