Are your Christmas presents spying on you?

With many around the country receiving technological gifts, experts from government anti-espionage unit UK NACE explain why smartphones are the ‘perfect eavesdropping devices’

Credit: Ronstik/Pixabay

We all want things in our life which save us time and make life just that bit easier. 

To satisfy that need, each year household and consumer technology becomes more and more advanced. Although the security in smart technology is improving, there’s still a real risk of your everyday devices being exploited.
 
If you received any kind of smart device as a Christmas gift or are considering one as a present for someone else, hold onto your credit card for a moment. And keep reading to uncover some enlightening facts about the latest tech available.
 
Our experts at UK NACE (the UK National Authority for Counter-Eavesdropping) know all too well that smart and wearable technology is susceptible to malware attacks. Here is the lowdown and their tips for improving the safety of your smart devices.
 
Keep up to date with the latest security
Devices such as smartphones and smart watches are constantly being updated with new security software so it’s vital to ensure yours is always running the latest version. However, keeping your security software up to date will not stop hackers from trying to get unauthorised access to your personal information.
 
The older your device, the greater the risk of attack. This is especially the case when it is no longer supported by the manufacturer, as it will not receive any new security updates. This could potentially leave your device wide open to attacks, and your personal data vulnerable.
“Smartphones are the perfect bugs; they are easily programmable and have constant power and, unlike many traditionally concealed eavesdropping devices, this means you could potentially be tracked and listened to continuously.”
 
Attackers are not only focused on old devices though.
 
There’s a whole industry out there looking for brand new ways to target the most modern hardware. These kinds of attacks are called ‘zero-day’ exploits and they typically take advantage of unknown vulnerabilities in new software or hardware, well before anyone realises anything is wrong.
 
Beware fake updates
Attackers can also gain access to your technology through other methods, the most common being fake and harmful updates. Whether that is general software, security or specific app updates – their authenticity can be hard to distinguish from official sources. Originators of fake updates commonly send out a pop-up ad or alert which says that a device is infected with malware and offers to scan the system or asks the user to click on a link to update software. 
 
Often, for these to take effect, it requires a user to update permissions and allow apps to access location, camera and contacts list. This helps attackers, advertisers and app developers profile users’ behaviour. It can also lead to them giving away personal information.
 
Smartphones and smartwatches
Smartphones are the perfect eavesdropping device, or ‘bugs’.
 
They are easily programmable and have constant power. Unlike many traditionally concealed eavesdropping devices, this means you could potentially be tracked and listened to continuously.
 
Modern smartphones have features, such as cameras, microphones, GPS and more. These all provide a variety of options to an attacker looking to exploit users, whether that is to track them or gain access to personal information – such as home address, bank details, passwords or pictures.
 
Smartwatches and fitness trackers present a different challenge to a hacker. But it is still possible to exploit these as eavesdropping devices, especially when linked to a smartphone; this can result in more than your steps being tracked.
 
If knowing their GPS location wasn’t unsettling enough for users, an experienced attacker can also use the motion and orientation senses in a device to calculate ATM pin numbers and passwords.
 
Top tips to protect personal data
To help prevent a malware attack on a smart device, UK NACE strongly recommends regularly updating the security settings.  This is particularly important if a lot of personal information is stored on a smartphone.
 
So, the next time you see a genuine new update pop up, install it straight away. Don’t leave the door open for attackers to profit from others’ personal data.
 
This also goes for when new devices. Before beginning to use it in earnest, check whether it’s running the latest version of software and continue to do this regularly.
 
You can further improve a device’s security by:
 
resetting passwords every couple of months and using different passwords for each account or site used – take a look at the National Cyber Security Centre guides on the use of password managers and two factor authentication
updating privacy settings – this is particularly important with social media accounts
using an anti-malware app – these help protect users from attackers planting viruses within technology
 
 

Sam Trendall

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *