Your Phone Is Spying On You

Uploaded on 2020-06-17 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In the connected world many people use their mobile phone to help manage their life. While most users know that everything they do online can be tracked and recorded, not everyone is aware of the opportunities smartphones provide for corporations and government agencies to spy on many users.

Smartphones are equipped with an arsenal of monitoring equipment: multiple microphones and cameras are designed to absorb audio and video. 

While these tools are useful for creating media, they are also a goldmine for advertisers and monitoring.
People should have the right to privacy on their mobile phones, but with the increase of malicious hackers and the use of 3rd party Apps this privacy is reducing. Governments, companies and cyber criminals look to obtain your data by any means, and use it to their advantage.

You are Being Watched

Edward Snowden showed the world how intelligence agencies are spying on their citizens and it became clear that we are all being watched.This is regardless of whether you are on a terrorist watch list or an exemplary national. The idea that our phones are listening in on your conversations became a big topic in recent years when platforms like Facebook seemingly started serving ads to people based on conversations they had when their phone was in the room.

During a recent interview, Snowden revealed that many mobile carriers are using IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) codes to determine each movement of the users. The IMEI and IMSI are identification numbers of smartphones and SIM cards.

According to Snowden, when a phone is turned on, the carrier continuously records every movement of the user by assessing their distance with the two signal towers. He points out that prior to the integration of smartphones; this type of information was private. However, digital technology has made it possible for mobile manufacturers and carriers to access the bulk information and even store it as a valued possession. 

Snowden says that no individual with a smartphone is exempt from this surveillance. Unfortunately, the users are not aware of this issue and continue to ‘hand over’ their privacy rights to their respective phone carriers, mobile manufacturers, and even app developers.

Currently, government agencies and tech giants have taken proactive action to secure the privacy of mobile users, specifically after the Facebook / Cambridge Analytica scandal. However, Edward says that the actions taken are not enough. 

Pre-installed Vulnerabilities and Spyware

US researchers have discovered a large number of vulnerabilities in smartphones. Malware and backdoors are often pre-installed at the root level, and there is nothing a regular user can do about it.

Most people are aware that their cellphone may have certain vulnerabilities and that they should be careful about the settings they choose, cautious when using the device to send and receive sensitive data and wary about what kind of apps to install. 

But most users are not aware that a brand-new mobile phone straight from the factory comes with pre-installed spyware.

The phone may have an invisible app that manages to obtain elevated admin privileges and do things that you as a user can hardly detect and cannot disable. That app may even send out data packages to some remote server at night when you as the owner are sleeping and your cellphone is turned off.  

The problem of pre-installed vulnerabilities is most likely not limited to Android. Similar bugs may also exist in other operating systems. But the sheer number of Android devices makes them a more attractive target to attackers and the way the system software is developed and distributed makes it easier for them to get a foothold in the supply chain of the software.

Of the estimated 5 billion people who are using mobile devices, 85% are using models based on a version of the Android operating system. Besides smartphones, Android  also runs on a variety of other connected devices like TVs or car entertainment systems and the vulnerabilities extend to those, too.

As new software components arrive in the market at a breathtaking pace, the bugs and vulnerabilities in pre-installed software are more likely to increase in number than come to an end anytime soon.

What Data is being Collected?

What is being monitored is details of your device such as the model, name and phone number these trackers can grab your email address, the IP address that is allocated to your Internet connection and even your precise location at any given time. Some of the identified vulnerabilities allow attackers to get into the phone remotely, activate keyloggers, take screenshots or simply record everything the owner sees, does, says and hears, including the typing, deleting and correcting of passwords. Everything from music streaming and weather apps, through to news and storage apps are doing it. 

The Nuclear Option
To protect yourself from corporations or hackers listening in on your conversations, make sure to disable access to microphones for all apps that do not absolutely require them. Additionally, you should avoid clicking on any links or downloading attachments from unknown senders.

If you want to frustrate the collectors of this data as much as possible, there are other more drastic measures you can take. The obvious one is to uninstall all the apps that are not 100% essential to you. A regular cull, on a regular basis, is no bad thing anyway if only on memory and storage usage grounds.

You can switch such things as Wi-Fi, GPS and Bluetooth off when you don't need them. Additionally, you should only download reputable applications to minimize the chance of ending up with a malicious app on your phone. Running a regular malware and virus scan on your smartphone can also help you to identify and clear out any potentially harmful applications. 

Hard-line privacy activists may suggest that ditching smartphones altogether is the best step to take to avoid phone-based privacy invasions. However, for the majority of us, that would be rather impractical.

For a number of years the tech giants have batted away suggestions that they are using the microphones in our mobiles to spy but as distrust in the US tech giants has grown and many users now feel that they are being spied upon.          

DeutscheWelle:          Forbes:        Brave New Coin:       BBC:       HackRead:         Digital Information World:   

You Might Also Read: 

Coronavirus Tracing Apps Conflict With Privacy:

 

 

« Maritime Cyber Attacks Quadruple
Hackers Are Targeting Coronavirus Research »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Muninn

Muninn

At Muninn (aka Wehowsky), we specialize in mitigating potential risks within your network, providing one of the leading network detection and response (NDR) solutions on the market.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Taoglas

Taoglas

Taoglas Next Gen IoT Edge software provides a pay as you go platform for customers to connect, manage and maintain their edge devices in an efficient and secure way.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

BLOCKO

BLOCKO

BLOCKO is a blockchain specialized technology company that has experienced and achieved the largest amount of business in South Korea.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

CYSIAM

CYSIAM

CYSIAM provides world-leading expertise in offensive security and critical incident response. We train our clients to be able to protect themselves and respond to attacks and breaches when they occur.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

Cytek

Cytek

Cytek is a leading provider of cybersecurity and HIPAA compliance for dental practices and other industries.

Threater

Threater

Threater (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

TerraEagle

TerraEagle

Terraeagle is a boutique cyber security services company providing tailor-made solutions. Our core competency is in SOCaaS, MDRaaS & and Incident Response Retainer Services.