Internet privacy and security course
About translation
Previous Next

Chapter 80

Cyber spying through mobile phone

Edward Snowden, the whistleblower behind the NSA surveillance, is rumored to leave his mobile phone in different premises before attending important negotiations.  The former NSA subcontractor is well aware of the threats linked with the use of mobile phones and how often intelligence agencies employ them for cyber spying on people of interest.

Tip

When having important negotiations, keep your phone in different premises.

A lot of users would regard the advice above as over-the-top and simply turn off their phone during negotiations. This may be a reckless move as malware can modify the performance of your phone making you believe your phone is turned off: on the surface, the phone seems turned off, but in reality, it will keep spying on everything around you.

Myth

It is possible to spy on a user even if his phone is turned off.

Fact

It is possible provided this phone is already compromised and some malware has been installed on it.

There is another myth eagerly perpetuated by many advanced users, and it has to do with the purported ability of cell phone jammers to protect you from cyber spying.

Myth

Cell phone jammers prevent cyber spying through mobile phone.

Fact

Almost any modern cell phone cyber spying software is very good at collecting data, and if there is no service, it will store it in the memory of the device. When the service is back, the collected data will be sent to the controlling server.

However, a quality ultrasonic voice recorder jammer will prevent a phone from recording sound.

Tip

If you fear your partners’ phones could be compromised and used for cyber spying, use voice recorder jammers.

In this chapter we will decribe how to use just a cellphone as a tool for cyber espionage, as the cellular communication itself is also vulnerable, we will talk about these vulnerabilities in the next chapters. Hackers may be tracking your location, listening to your calls and reading SMS, let alone intelligence agencies. Unfortunately, the SS7 protocols used in cellular communication are helplessly outdated and were designed without any security requirements in mind. However, there are a lot of users out there who still don’t believe it and have no awareness of the danger lurking.

US congressman Ted Lieu didn’t believe it either until he took part in an experiment where a hacker was able to listen to and record both ends of his conversations, SMS and trace his location.

The US representative used this phone to receive calls from then President Barak Obama, so Lieu’s reaction was straightforward. He demanded an investigation into the matter and that the security flaw should be fixed.

That the people who knew about this flaw and saying that should be fired. You cannot have 300-some million Americans-- and really, right, the global citizenry be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data. That is not acceptable.
Ted Lieu

The security holes discovered in Signaling System Seven are exploited not only for cyber spying purposes. Attacks involving vulnerabilities in SS7 occur quite often, for instance, in Germany in 2017 some unknown hackers attacked mobile phone network O2-Telefonica to drain victims’ bank accounts.

What shall you do? For calls, use encrypted instant messaging clients, for instance, Telegram that offers peer-to-peer (P2P) encryption and refrain from using SMS for two-factor authentication.

There is another myth about surveillance defense which says that turning off GPS will help you protect yourself from having your location traced through mobile phone.

In reality, GPS is not the only technology used for tracking location. Your location can be tracked via the nearest cell towers, which allows an intruder to trace your whereabouts with the accuracy of up to 10 meters, as well as via Wi-Fi hotspots nearby.  Locating a user via nearby Wi-Fi hotspots is somewhat new, and you will find more about this method in this course. Currently, it allows for the identification of your location with the reliability of up to 10 meters if, of course, there are Wi-Fi hotspots around you and your Wi-Fi module is activated.

Turning your GPS in the phone’s settings doesn’t guarantee it is really turned off. You have to reconcile yourself to the idea that your phone is a bug and until it is on, provided an intruder has the required resources at his disposal, your location can always be tracked. You can use an older model without GPS and Wi-Fi, without operating system Android, this will help you reduce the risks of having your location traced leaving you vulnerable only to the detection of your whereabouts via the cell towers nearby.

Now let’s compare iOS and Android and see how protected and susceptible they are to cyber spying attacks. The former mayor of Vladivostok Igor Pushkarev who became accused of abuse of authority and corrupt business practices wrote a message to all mobile device users from the remand prison he’d been put into. Let me cite it.

I used two smartphones: one running on Android, the other – on iOS. The law enforcement representatives infected my Android device with some virus and remotely turned on the microphone listening to my conversations and everything that was going on around it when the phone wasn’t being used (as it seemed so on the surface). Nothing of the kind happened to iOS. So if you don’t want your conversations to be listened to, including when your phone just sits in your pocket...never use Android.
Igor Pushkarev

There are also users who mistakenly believe that devices running on iOS are untraceable.

Myth

It is almost impossible to spy on iOS users, while listening to Android phones is like taking a candy from a baby.

Fact

There are cyber spying tools for iOS devices, Apple stores and passes them to law enforcement on demand, while Android is not so vulnerable as it may seem so.

This course has a separate chapter that compares Android and iOS. I won’t delve into details, but its conclusion is the following: there is a lot more malware designed for Android devices, but there are malicious programs for attacking iOS too. Android phones are no less protected if you use “clean” Android and the latest updates.

A clean Android phone runs a mobile operating system by Google without the firmware of the mobile device’s manufacturer. For instance, you can find a clean Android in Nokia and Nexus devices. The biggest number of security flaws has been linked to manufacturer’s firmware, especially that of Chinese companies. You should avoid choosing Chinese makers if you care about your privacy and data protection.

Tip

Use only clean Android devicesand, of course, the latest updates.

There are plenty of examples to prove my point. Spyware may already be installed on your mobile device. Check Point Mobile Security Team in 2017 found pre-installed malware on such popular Android phones like Samsung, LG, Xiaomi, Asus, and Lenovo. The manufacturers probably don’t have any involvement in this campaign, the malware was added somewhere along the supply chain.

Unfortunately, Android phones are easier to tamper with along the supply chain and turn them into pocket spies than iOS devices. It has to do with the architecture of the operating system based on the open source code and the cooperation policy of many manufacturers with governments.

By and large, iOS users know their pre-installed set of applications quite well, while the same applications on Android devices change from manufacturer to manufacturer, from model to model.

Attention

It is much easier to compromise an Android device somewhere along the supply chain without user’s knowledge than an iOS phone.

It is possible to compromise an iOS device too. A prominent human rights activist Ahmed Mansoor has been repeatedly targeted by cyber weapons. So last time he received a message with a suspicious link, instead of clicking, the tech-savvy rights defender passed on the SMS text to security experts who discovered one of the most sophisticated cyber weapon Pegasus.

This exclusive spyware product used three zero-day exploits at once. Had Mansoor clicked the infected link, the attacker would have received complete remote control over his phone and would’ve been able to snoop on calls, read emails, correspondence, listen in on conversations through microphone in the vicinity of his device, trace location and other. This highly sophisticated malware didn’t require any jailbreaking.

Only vigilance and chance helped the experts to discover the extremely dangerous spyware, but how many programs of this type are left undetected?! How many people are infected and their movements and activities are currently tracked?! Even if you are a staunch Apple devotee, your illusions about iOS’s resilience to vulnerabilities can prove costly.

Though it is extremely difficult to uncover professional spyware, there are indirect signs your phone is used for spying on you. That’s what this chapter is about.

Previous
9633
Next