Measuring the (In)security of Palestinian Civil Society Websites

Abstract

Abstract Civil society organizations (cso s) are reemerging as the central reference of the Palestinian struggle at a time when cyber threats to civil society are on the rise worldwide. We developed a web scanning tool to gather security data on websites and web servers, finding Palestinian cso s neglect even basic precautions like encrypting web traffic or keeping software updated. Why? Evidence suggests this neglect cannot easily be explained by technical or financial constraints. Widening our scan to include Israeli organizations, and non-Palestinian organizations allied with the Boycott, Divestment, and Sanctions (bds) movement, we find similar security lapses, suggesting insecurity is neither unique to Palestinian cso s nor does it necessarily decline as organizations enter into contentious politics. Our results underscore the sociotechnical nature of cybersecurity, while encouraging greater vigilance from cso s.