Internet privacy and security course

Chapter 11

Cyber spying

Cyber spying is performed on so many levels that we won’t be able to cover this topic as thoroughly as we would like. In this chapter we will focus on two known types of cyber spying: malicious software-enabled cyber spying and industrial cyber espionage.

Malicious software-enabled cyber spying

If you have a smartphone, chances are it has a microphone, two cameras, GPS and, for instance, GLONASS (if you are in Russia). These technologies make it possible to bug the premises around the phone, watch the phone’s owner through the cameras and track their movements. This is to say nothing of accessing your calls, correspondence and emails.

Do you think these threats are mere speculation? Have you ever used smartphones from Xiaomi, Huawei or Lenovo? Do you know that some time ago these companies were caught supplying these devices with pre-installed spy software? Although this may sound like a far-fetched rumor, it really happened. Spy software can track the phones’ owners, listen to their calls and send data to perpetrators.

We can’t say with certainty that the manufacturers themselves are responsible for installing the malware. It is very likely that the spyware was installed by middlemen, somewhere along the channels leading to the end customer.

Do you suppose iOS users are any safer? Well, Ahmed Mansoor, a prominent human rights defender based in the UAE, could tell a different story. He was cautious enough to pass a link he received on his iPhone to computer security experts, who discovered the Pegasus malware, which uses three zero-day exploits in iOS at once.

Clicking this link would have infected Mansoor’s device and turned his iPhone into a perfect cyber spying tool. His timely vigilance exposed the potent malware, making iOS devices much safer for all their users.

But what if you use a less common mobile operating system or a so-called cryptophone like BlackBerry or Blackphone? Forget about unbreakable devices: the beginning of 2018 was marked by the discovery of Meltdown, a nine-year-old CPU security flaw that affects almost all modern devices. The flaw became one of the most dangerous vulnerabilities in history, hitting the IT world on one of the largest scales it has ever witnessed. Therefore, less common systems and cryptophones will not rescue you, especially keeping in mind that Blackphone was notoriously rooted at the BlackHat security conference in less than 5 minutes…

Meltdown affects all operating systems, including Windows, macOS, iOS and all Linux-based systems. Without updates, you won’t be able to evade it even if you run a Debian installation with no software packages selected, Linux Mint, Tails, or Whonix.

Perhaps you think these kinds of tools are available only to special services? Indeed, special services have a much wider range of software and exploits than common users. Edward Snowden’s leaks and WikiLeaks' document dump on the CIA’s hacking capability in the spring of 2017 demonstrate how easily they can access any computer in the world.

But the main problem is the availability of spying software to common users. Getting an unaware victim infected is no rocket science for a hacker: it just takes social engineering, some time and money (at least if he deals with Android or Windows).

All a common user has to do is visit a specialized forum like exploit on the Russian web, or hackforums if you know English, and then choose suitable RAT software. We won’t describe the next steps for ethical reasons, but one should bear in mind that any attempt to infect a device other than your own can put you behind bars. For instance, Antony S., a citizen of Rome, was arrested at the start of 2017 for installing a surveillance application on his girlfriend’s phone. He had been spying on her for several months before he was caught by the Italian police. And Antony is not the only one who has been caught in the act.

The difference between Antony and a professional hacker is that a common user doesn’t hide where the program stores its data. Professionals acquire bulletproof servers in offshore datacenters, paying for them through dummies and thoroughly hiding their whereabouts. A common user will either rent a controlling server from a popular hosting service, providing his personal data and paying with his own bank card, in which case the hosting service will of course turn him in, or, worse, use the servers of a parental control application whose developers eagerly respond to law enforcement requests to avoid accusations of malware development.

Don’t be deluded by the false simplicity and availability of cyber spying tools: using them can end in a prison sentence and is strongly discouraged.

By the way, software for cyber spying is often developed by law enforcement bodies as bait for catching perpetrators or by hackers for luring victims. For instance, Cobian RAT actively t