A 2014 study showed that 20 of the top 25 news organization had, at one time or another, been targeted by state sponsored hackers.
Because of this threat, SecureDrop completely segments its traffic from a news organization’s normal network. Submissions are accessed and downloaded using the Tails operating system, which boots off of a USB, does not touch your computer’s hard drive, and routes all its Internet traffic through Tor.
Submissions are decrypted on an air-gapped computer also using Tails. This mitigates against the risk that an attacker could send malware through SecureDrop in an attempt to infect the news organization’s normal network as well.
The SecureDrop servers also undergo significant system hardening in order to make it as difficult as possible for hackers to break in. By doing so, SecureDrop protects sources against networks that are already compromised, as well as a news organization’s normal network from attacks that could potentially come through SecureDrop.