Exposed: Understanding the threat of digital spying & stalkerware
The global market for commercial spyware is currently estimated at around $12 billion, which over the last 10 years has seen 80 countries purchase the technology. Spyware is used for a range of purposes, allowing operators to gain remote access to devices from across the world. Once a device becomes infected, the perpetrator gains complete control of the device, which can mean unfettered access to messages, audio calls, photos, and remote access to cameras and microphones.
What’s worrying is spyware is becoming accessible even to users lacking advanced tech skills. Cheaper, more rudimentary forms of spyware like stalkerware exist. Stalkerware can be particularly intrusive and abusive as it must be physically installed, meaning attackers need direct access to which ever device they try to infiltrate. In this article, we will expose the threat from digital spying and stalking, and how to maximize protection.
An enveloping global problem
We tend to hear of spyware in the headlines being leveraged by nation-state actors to suppress political opponents and intimidate journalists. It should therefore come as no surprise that governments across the world are concerned about its proliferation in commercial settings. In March, the UK issued a joint statement with the governments of 10 other countries on the need for domestic and international controls on commercial spyware. We have also recently seen the US introduce a bill which prohibits its use by government officials when it relates to national security.
But why has it taken so long for legislators to take notice? At the moment, it is an issue of market demand. While the Pegasus Project investigation in 2021 saw the downfall of NSO Group -- one of the most formidable spyware companies based in Israel -- it left a gaping hole in a booming market waiting to be filled. A precedent was set against suppliers, but spyware customers remained impatient.
For legislation, another problem lies in the agility of spyware vendors and diversity of the market. With some posing as commercially reputable companies, others work solely within criminal networks making them harder to trace. It is also the case that spyware companies create complex corporate structures to muddy their legal registration, making it harder to determine which laws they are bound by and who their clients are. While regulators remain one step behind, spyware is becoming increasingly accessible, widening the pool of both attackers and victims.
Stalkerware and consumerisation
As with any technology advancing at unprecedented pace, so too has the market for commercial spyware. Tools have become incredibly sophisticated, with commercial products and services rivaling the equivalent capabilities of some state-linked Advanced Persistent Threat (APT) groups. In other words, military-grade spyware technology is increasingly at the hands of the ordinary person.
We have also seen high-profile investigations into "stalkerware" -- smaller scale technologies that can be purchased online for consumer use. The Coalition Against Stalkerware argues that the technology is often used to carry out partner surveillance, gender-based and domestic violence. Once installed on a device, some of the apps would be invisible on a user’s home screen and allow stalkers to remotely activate the camera or microphone without their knowledge.
Often, these apps outwardly present as intended for the use of parents to monitor the activities of their children -- allowing them to avoid suspicion from victims. One example of this is Xnspy, which stole data from tens of thousands of iPhone and Android devices.
Stalkerware apps work hard to conceal their activities and keep the identities of developers anonymous, given the significant legal and reputational risks that come with facilitating covert surveillance. And with their increasing accessibility to a wider pool of users, the time is ripe for re-thinking cybersecurity and the types of protections needed to deter prying eyes.
A multi-layered response
The threat from digital spies and stalkers presents a real threat to governments, businesses, and people across the world. Not only is device monitoring a breach of privacy, but the consequences of unsolicited access are limitless. Unfortunately, there is no one-size-fits all solution which can protect devices universally, but we can do everything in our power to bolster defenses.
Stalkerware and monitoring apps are designed to be hidden but you can take steps to protect phones, laptops, and online accounts. It sounds simple but maintaining good password hygiene is key. Regularly checking your phone and computer for unknown apps is also good habit to get into, where a simple Google search for anything unfamiliar will show whether it is harmful or not. Often antivirus software will help identify suspicious apps and recommendations for them to be deleted. The effectiveness, however, also depends heavily on consistent patch updates to ensure these new apps are able to be identified. For ultimate reassurance, it is worth conducting regular manual checks and keeping up to date with the latest cybersecurity tools to put yourself in the best position to prevent and detect the presence of stalkerware.
Technology is a powerful force for good and should be embraced. In particular, recent advancements in artificial intelligence (AI) are transforming the cybersecurity space. Low-level AI tools deployed at the physical layer of devices help to protect data in a controlled setting with far less variables than the external layers, thereby reinforcing traditional software-based defenses. By using a multi-layered approach to cybersecurity such as this, we can protect our most critical data from the bottom up. In the global fight against spyware and stalkerware, embracing innovative, holistic tools is a must.
Photo credit: Dean Drobot / Shutterstock