21.5 C
Byron Shire
March 27, 2024

Spyware unplugged – New software attacks cast a light on cybersecurity

Latest News

Splendour 2024 cancelled

It's offical, Splendour in the Grass 2024 has been cancelled.

Other News

The Picture House is turning 8

It feels like we were only just ringing in the new year days ago and here we are approaching Easter weekend at The Brunswick Picture House. It’s already been a whirlwind start to 2024 with their biggest and busiest program so far, bringing an eclectic mix of some of the hottest stand-up comedy, music gigs, film screenings and cabaret – and that was just last week!

Big week in Byron Bay for adaptive surfers

Australia’s first-ever international adaptive surfing contest held in Byron Bay last week was an overwhelming success according to organiser Mark ‘mono’ Stewart.

Workshop in Creative Writing For Beginners

Have you always felt like you have a novel in you, but don’t know where to start? Or have...

Laid-back but lively

Ooz is an acoustic roots reggae artist with a large, eclectic repertoire of crowd favourites. His unique, laid-back but lively style creates a relaxed atmosphere and his song choices have you remembering many of those forgotten classics.

What the duck!

Most days I ask myself ‘what the duck’ is happening here? How could Trump be president again if he...

We just love him!

If you’re over 50 you might not be a fan of Tom Jones, but you can bet your mum is. If you’re under 40 you might not even know who he is, but your grandmother probably wet her pants at the mere mention of his name.

Brought to you by The Echo and Cosmos Magazine


A major investigation conducted by news organisations has found that governments around the world may have been spied on by a malicious software called Pegasus.

The software was developed by an Israeli company, NSO Group, and sold to government clients, but the spyware that came with it may have targeted journalists, politicians, government officials and human rights activists.

It infected phones when a link in a specially crafted SMS was clicked. This downloaded spyware and rooted or jailbroke the device to install the software. These override the security on the phone, so that remote access is granted, making private information viewable even if you don’t have the device in your hand.

This means somebody else has access to all sorts of information, such as emails, messages, photos, locations, contacts and browsing history.

What is spyware?

For the most part, spyware is something that is downloaded without consent, and it doesn’t make itself explicitly known like ransomware and other malicious software sometimes do.

‘Spyware differs from other applications because it is generally installed without the knowledge of the device owner, it tracks and reports owner usage, locations and activities without the knowledge of the owner, and it usually operates in the background and surreptitiously without its processes or activities being visible to the owner of the compromised device,’ says Dennis ‘Darknet’ Desmond, a lecturer in cybersecurity at the University of the Sunshine Coast, Queensland.

‘Unlike most apps, the installer is usually not the owner of the device, and the installation of the app often occurs remotely through a hostile email, text or web link, remote connection, or through direct handling of the device.’

What is the point of spyware?

The whole point of this type of software is in its name – it’s used to spy on people. This can be for malevolent or security purposes, depending on who uses it and how it is used.

‘Spyware is designed to track the location, communications, activities and capture content from a compromised device,’ says Desmond.

‘Traditionally, spyware has been used both by stalkers – disaffected or abusive spouses and partners – and by nation-state agencies and entities desiring to track persons of interest.’

Spyware is also used for purposes of safety and national security because theoretically the information can sometimes be used not to exploit, but to keep people safe.

‘Compromising a device for the collection of communications and even interactions with others is extremely valuable to a nation-state intending to track and collect intelligence – criminal or national security – against a target,’ says Desmond.

‘The spyware allows for a comprehensive collection of all of the relevant information, including text messages, photographs, emails and phone conversations.’

Desmond points out that there are more innocuous uses for spyware, such as when it’s used by parents to track the activities of their children, or used to track and record activities of adults who may suffer from cognitive impairment.

‘Spyware allows a carer to track and locate the individual, prevent scams and fraud, and to monitor purchasing and communications activities. In these cases, the activity is beneficial,’ he says.

Unlike other tracking devices, spyware attaches to everyday items that are commonly carried and hold a lot of personal information.

‘Spyware is easier to use than a tracking device on a vehicle as it is always with the target,’ says Desmond. ‘The typical challenge is gaining access to the phone, tablet or computer.

‘The most successful attack is one where the attacker gets the victim to install the spyware through a malicious link or social engineering.

‘Spyware on personal devices also has the ability to collect passwords, financial data and important personal information.’

Is it legal?

It is hard to regulate spyware, because it depends strongly on its use. Only specific uses of spyware are legal, and that varies state-to-state and country-to-country. Some forms of spyware use are considered a breach of privacy, and others are considered necessary and/or acceptable.

‘Parents tracking children, or carers tracking adults with cognitive issues, generally have full authorisation,’ says Desmond.

‘However, in other cases, the use of these software applications can be considered violations of privacy, illegal wiretapping, and unauthorised access to a device or the communications of an individual.’

What is being done about it?

Cyberattacks, some of which involve spyware, are notoriously difficult to navigate because technology constantly evolves, resulting in a technological arms race between attackers and cybersecurity experts.

‘Defending against cyberattacks and cyber threats is an unconventional war that never ends and has no stop or break,’ says Diep Nguyen, a cybersecurity specialist at the University of Technology Sydney.

‘The attacking and defending happens every day. For example, you can find the statistics about daily attacks on Australia.

‘That is why we need to run updates on our systems frequently to patch known vulnerabilities and risks.’

So, what can ordinary citizens do about it? There are many small ways we can keep ourselves safe, and Nguyen’s an advocate of learning: ’Emphasise education of citizens on general cybersecurity and privacy awareness so that each citizen can become the first defender to protect ourselves in the cyberspace.’

Desmond adds that ’certain anti-malware apps have the ability to identify and stop spyware from operating on a device.

‘For personal devices, it is useful to periodically run anti-malware software to review what processes on the device.

‘If someone is concerned they are being tracked, they can have their device reviewed and evaluated by a cybersecurity professional or organisation specifically designed to perform that function.

‘It may also be a simple matter of resetting the device back to its original state, changing the phone number and SIM card on a phone, or buying a disposable phone – a so-called burner phone – with a pay-as-you-go feature to communicate more securely.’

Spyware and other forms of cybercrime aren’t new and they aren’t going to go away. Instead, they will continuously evolve at a fast pace. It’s therefore of the utmost importance for cybersecurity to continuously monitor and adapt to the situation.

‘With recent advances in AI that greatly empower both ‘attackers’ and ‘defenders’, risks/weak links/threats can be found and exploited faster,’ says Nguyen.

‘Additionally, with a large and growing number of devices, information technology systems become more vulnerable – for example, people from the other side of the Earth can hear our heartbeats and sense what happened in our bedrooms – if more appropriate solutions are not in place.’

♦ This article was written by Cosmos Magazine science journalist Dr Deborah Devis, who holds a PhD in plant genetics from the University of Adelaide. Read the original article.

Published by The Echo in conjunction with Cosmos Magazine.


Support The Echo

Keeping the community together and the community voice loud and clear is what The Echo is about. More than ever we need your help to keep this voice alive and thriving in the community.

Like all businesses we are struggling to keep food on the table of all our local and hard working journalists, artists, sales, delivery and drudges who keep the news coming out to you both in the newspaper and online. If you can spare a few dollars a week – or maybe more – we would appreciate all the support you are able to give to keep the voice of independent, local journalism alive.

1 COMMENT

  1. Yeah Nah! It’s much worse than this. Google, Apple and ISPs have given Government spy agencies open access to their data on us. From the search metadata, sites visited, history of files downloaded, recorded voice samples, and fingerprints, to social contacts and personal relationships. Even when your phone is in sleep mode or off, they can access the microphone if so desired. See Wikileaks and Snowden’s files – all they need is an email or phone number. Your intel computer also has a “Machine Engine OS before the OS” that can spy on us completely, bypassing our firewall, and our bandwidth monitors. This fine article is what’s known as a”limited hangout”. C’mon echonet, you can do better for my $10 per month!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

We just love him!

If you’re over 50 you might not be a fan of Tom Jones, but you can bet your mum is. If you’re under 40 you might not even know who he is, but your grandmother probably wet her pants at the mere mention of his name.

Peter Garrett gives Bluesfest the nod

If I say the words ‘US Forces give the nod’, I can pretty much guarantee that you will hear the unmistakable voice of Peter Garrett ringing in your ears. Your head may even start to bob up and down a bit. 

Save Wallum finalist in NSW 2024 environment awards

The Save Wallum campaign has been named as a finalist in the Nature Conservation Council of NSW Environment Awards 2024. The award ceremony will be held in Sydney tonight, and Save Wallum spokesperson and ecologist James Barrie will be attending with Tegan Kitt, another founding member of the group.

New report highlights gaps in rural and remote health

The second annual Royal Flying Doctor Service ‘Best for the Bush, Rural and remote Health Base Line’ report has just been released. Presenting the latest data on the health of rural and remote Australians and evidence on service gaps, it identifies issues in urgent need of attention from service providers, funders, partners and policy makers.