Your Phone Is Spying On You

Uploaded on 2020-06-17 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In the connected world many people use their mobile phone to help manage their life. While most users know that everything they do online can be tracked and recorded, not everyone is aware of the opportunities smartphones provide for corporations and government agencies to spy on many users.

Smartphones are equipped with an arsenal of monitoring equipment: multiple microphones and cameras are designed to absorb audio and video. 

While these tools are useful for creating media, they are also a goldmine for advertisers and monitoring.
People should have the right to privacy on their mobile phones, but with the increase of malicious hackers and the use of 3rd party Apps this privacy is reducing. Governments, companies and cyber criminals look to obtain your data by any means, and use it to their advantage.

You are Being Watched

Edward Snowden showed the world how intelligence agencies are spying on their citizens and it became clear that we are all being watched.This is regardless of whether you are on a terrorist watch list or an exemplary national. The idea that our phones are listening in on your conversations became a big topic in recent years when platforms like Facebook seemingly started serving ads to people based on conversations they had when their phone was in the room.

During a recent interview, Snowden revealed that many mobile carriers are using IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) codes to determine each movement of the users. The IMEI and IMSI are identification numbers of smartphones and SIM cards.

According to Snowden, when a phone is turned on, the carrier continuously records every movement of the user by assessing their distance with the two signal towers. He points out that prior to the integration of smartphones; this type of information was private. However, digital technology has made it possible for mobile manufacturers and carriers to access the bulk information and even store it as a valued possession. 

Snowden says that no individual with a smartphone is exempt from this surveillance. Unfortunately, the users are not aware of this issue and continue to ‘hand over’ their privacy rights to their respective phone carriers, mobile manufacturers, and even app developers.

Currently, government agencies and tech giants have taken proactive action to secure the privacy of mobile users, specifically after the Facebook / Cambridge Analytica scandal. However, Edward says that the actions taken are not enough. 

Pre-installed Vulnerabilities and Spyware

US researchers have discovered a large number of vulnerabilities in smartphones. Malware and backdoors are often pre-installed at the root level, and there is nothing a regular user can do about it.

Most people are aware that their cellphone may have certain vulnerabilities and that they should be careful about the settings they choose, cautious when using the device to send and receive sensitive data and wary about what kind of apps to install. 

But most users are not aware that a brand-new mobile phone straight from the factory comes with pre-installed spyware.

The phone may have an invisible app that manages to obtain elevated admin privileges and do things that you as a user can hardly detect and cannot disable. That app may even send out data packages to some remote server at night when you as the owner are sleeping and your cellphone is turned off.  

The problem of pre-installed vulnerabilities is most likely not limited to Android. Similar bugs may also exist in other operating systems. But the sheer number of Android devices makes them a more attractive target to attackers and the way the system software is developed and distributed makes it easier for them to get a foothold in the supply chain of the software.

Of the estimated 5 billion people who are using mobile devices, 85% are using models based on a version of the Android operating system. Besides smartphones, Android  also runs on a variety of other connected devices like TVs or car entertainment systems and the vulnerabilities extend to those, too.

As new software components arrive in the market at a breathtaking pace, the bugs and vulnerabilities in pre-installed software are more likely to increase in number than come to an end anytime soon.

What Data is being Collected?

What is being monitored is details of your device such as the model, name and phone number these trackers can grab your email address, the IP address that is allocated to your Internet connection and even your precise location at any given time. Some of the identified vulnerabilities allow attackers to get into the phone remotely, activate keyloggers, take screenshots or simply record everything the owner sees, does, says and hears, including the typing, deleting and correcting of passwords. Everything from music streaming and weather apps, through to news and storage apps are doing it. 

The Nuclear Option
To protect yourself from corporations or hackers listening in on your conversations, make sure to disable access to microphones for all apps that do not absolutely require them. Additionally, you should avoid clicking on any links or downloading attachments from unknown senders.

If you want to frustrate the collectors of this data as much as possible, there are other more drastic measures you can take. The obvious one is to uninstall all the apps that are not 100% essential to you. A regular cull, on a regular basis, is no bad thing anyway if only on memory and storage usage grounds.

You can switch such things as Wi-Fi, GPS and Bluetooth off when you don't need them. Additionally, you should only download reputable applications to minimize the chance of ending up with a malicious app on your phone. Running a regular malware and virus scan on your smartphone can also help you to identify and clear out any potentially harmful applications. 

Hard-line privacy activists may suggest that ditching smartphones altogether is the best step to take to avoid phone-based privacy invasions. However, for the majority of us, that would be rather impractical.

For a number of years the tech giants have batted away suggestions that they are using the microphones in our mobiles to spy but as distrust in the US tech giants has grown and many users now feel that they are being spied upon.          

DeutscheWelle:          Forbes:        Brave New Coin:       BBC:       HackRead:         Digital Information World:   

You Might Also Read: 

Coronavirus Tracing Apps Conflict With Privacy:

 

 

« Maritime Cyber Attacks Quadruple
Hackers Are Targeting Coronavirus Research »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

limes datentechnik

limes datentechnik

limes datentechnik is an authority in the fields of cryptography and data compression. The FLAM product family is an internationally accepted standard for efficient and safe handling of data.

HCL Technologies

HCL Technologies

HCL offer an integrated portfolio of products, solutions and services built around Digital, IoT, Cloud, Automation, Cybersecurity, Analytics, Infrastructure Management and Engineering Services.

Barbara IoT

Barbara IoT

Barbara is an industrial device platform specifically designed for IoT deployments.

Outsource UK

Outsource UK

Outsource UK is an independent recruitment company supplying highly-skilled technology, change and engineering talent to clients within a range of specialist sectors including Cyber Security.

Casque SNR

Casque SNR

CASQUE SNR is the next generation of Identity Assurance that has potential to supersede existing solutions. It provides Identity Assurance for both people and things.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

NAK Consulting Services

NAK Consulting Services

NAK is helping organisations to create Secure, Agile IT Environments. Our goal is to be the trusted advisor and managed service partner for our clients.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

Iron EagleX

Iron EagleX

Iron EagleX deliver engineering solutions in cloud computing, big data, cyber, and machine learning technologies to US Government customers.