Your Phone Is Spying On You

In the connected world many people use their mobile phone to help manage their life. While most users know that everything they do online can be tracked and recorded, not everyone is aware of the opportunities smartphones provide for corporations and government agencies to spy on many users.

Smartphones are equipped with an arsenal of monitoring equipment: multiple microphones and cameras are designed to absorb audio and video. 

While these tools are useful for creating media, they are also a goldmine for advertisers and monitoring.
People should have the right to privacy on their mobile phones, but with the increase of malicious hackers and the use of 3rd party Apps this privacy is reducing. Governments, companies and cyber criminals look to obtain your data by any means, and use it to their advantage.

You are Being Watched
Edward Snowden showed the world how intelligence agencies are spying on their citizens and it became clear that we are all being watched.This is regardless of whether you are on a terrorist watch list or an exemplary national. The idea that our phones are listening in on your conversations became a big topic in recent years when platforms like Facebook seemingly started serving ads to people based on conversations they had when their phone was in the room.

During a recent interview, Snowden revealed that many mobile carriers are using IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) codes to determine each movement of the users. The IMEI and IMSI are identification numbers of smartphones and SIM cards.

According to Snowden, when a phone is turned on, the carrier continuously records every movement of the user by assessing their distance with the two signal towers. He points out that prior to the integration of smartphones; this type of information was private. However, digital technology has made it possible for mobile manufacturers and carriers to access the bulk information and even store it as a valued possession. 

Snowden says that no individual with a smartphone is exempt from this surveillance. Unfortunately, the users are not aware of this issue and continue to ‘hand over’ their privacy rights to their respective phone carriers, mobile manufacturers, and even app developers.

Currently, government agencies and tech giants have taken proactive action to secure the privacy of mobile users, specifically after the Facebook / Cambridge Analytica scandal. However, Edward says that the actions taken are not enough. US researchers have discovered a large number of vulnerabilities in smartphones. Malware and backdoors are often pre-installed at the root level, and there is nothing a regular user can do about it.

Most people are aware that their cellphone may have certain vulnerabilities and that they should be careful about the settings they choose, cautious when using the device to send and receive sensitive data and wary about what kind of apps to install. 

But most users are not aware that a brand-new mobile phone straight from the factory comes with pre-installed spyware.

The phone may have an invisible app that manages to obtain elevated admin privileges and do things that you as a user can hardly detect and cannot disable. That app may even send out data packages to some remote server at night when you as the owner are sleeping and your cellphone is turned off.  

The problem of pre-installed vulnerabilities is most likely not limited to Android. Similar bugs may also exist in other operating systems. But the sheer number of Android devices makes them a more attractive target to attackers and the way the system software is developed and distributed makes it easier for them to get a foothold in the supply chain of the software.

Of the estimated 5 billion people who are using mobile devices, 85% are using models based on a version of the Android operating system. Besides smartphones, Android  also runs on a variety of other connected devices like TVs or car entertainment systems and the vulnerabilities extend to those, too.

As new software components arrive in the market at a breathtaking pace, the bugs and vulnerabilities in pre-installed software are more likely to increase in number than come to an end anytime soon.

What Data is being Collected?
What is being monitored is details of your device such as the model, name and phone number these trackers can grab your email address, the IP address that is allocated to your Internet connection and even your precise location at any given time. Some of the identified vulnerabilities allow attackers to get into the phone remotely, activate keyloggers, take screenshots or simply record everything the owner sees, does, says and hears, including the typing, deleting and correcting of passwords. Everything from music streaming and weather apps, through to news and storage apps are doing it. 

The Nuclear Option
To protect yourself from corporations or hackers listening in on your conversations, make sure to disable access to microphones for all apps that do not absolutely require them. Additionally, you should avoid clicking on any links or downloading attachments from unknown senders.

If you want to frustrate the collectors of this data as much as possible, there are other more drastic measures you can take. The obvious one is to uninstall all the apps that are not 100% essential to you. A regular cull, on a regular basis, is no bad thing anyway if only on memory and storage usage grounds.

You can switch such things as Wi-Fi, GPS and Bluetooth off when you don't need them. Additionally, you should only download reputable applications to minimize the chance of ending up with a malicious app on your phone. Running a regular malware and virus scan on your smartphone can also help you to identify and clear out any potentially harmful applications. 

Hard-line privacy activists may suggest that ditching smartphones altogether is the best step to take to avoid phone-based privacy invasions. However, for the majority of us, that would be rather impractical.

For a number of years the tech giants have batted away suggestions that they are using the microphones in our mobiles to spy but as distrust in the US tech giants has grown and many users now feel that they are being spied upon.          

DeutscheWelle:          Forbes:        Brave New Coin:       BBC:       HackRead:         Digital Information World:   

You Might Also Read: 

Coronavirus Tracing Apps Conflict With Privacy:

 

 

« Maritime Cyber Attacks Quadruple
Hackers Are Targeting Coronavirus Research »

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Don't rely only on CVSS to prioritize. Use machine learning to predict what is most likely to be exploited.

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

Thursday, August 20, 2020 - Join SANS and AWS Marketplace to learn the exercise of applying MITRE’s ATT&CK Matrix to the AWS Cloud and how to enhance threat detection and hunting in an AWS environment

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

SERMA Safety & Security (S3)

SERMA Safety & Security (S3)

SERMA Safety & Security provides a comprehensive cybersecurity offering incorporating Expertise, Evaluation, Consultancy and Training, covering hardware, software and information systems.

FuseMail

FuseMail

FuseMail is a world leader in email security and web filtering.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Secure Chorus

Secure Chorus

Secure Chorus is a not-for-profit membership organisation for the development of strategies, common technology standards and tangible capabilities in the field of information security.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

CyberSat Summit

CyberSat Summit

CyberSat is dedicated to fostering the necessary discussions to flesh out and develop solutions to cyber threats in the satellite industry.