In the second of our blog series for Safer Internet Day, we’ll be putting spyware under the microscope.
This year’s campaign is all about building awareness and helping others to become more cybersecurity canny.
So, this series is taking a closer look at the cybersecurity terms that are becoming more common and aims to untangle the often-complicated definitions that go with them.
What is spyware?
As the name suggests, spyware is a kind of malicious software used with the intention of spying on the user. This can be done through a variety of methods, such as capturing
data through screenshots, webcam captures, or stealing data from the websites the user visits. Keylogging, or keystroke logging, is also a technique that spyware can employ. This is where the software records every keystroke made by the user to gain access to passwords and confidential information. Often, the information gathered is sent to third-party organisations.
The business impact of a prolific spyware attack can be devastating. Not only can it result in the theft of intellectual property but also in the ‘scouting’ of the organisation’s network by identifying the possible weak points where more dangerous forms of malware can be targeted.
Spyware made its biggest impact on both consumers and businesses during the last half of 2017, with detections rising by 30 per cent. The upturn is indicative of criminals diversifying their attack strategies to increase the success of attacks by using different malware types.
How do I know if I’m being watched?
By its very nature, spyware can be difficult to detect as it can hide in the background. However, there are certain red flags that indicate you have been targeted by this malware: your machine may start running slowly for no reason, you might start seeing pop-up ads while surfing the Web, or you may spot configuration changes of your device.
Much like ransomware attacks, which we looked at in the previous blog, threat actors behind spyware campaigns can use social engineering to get users to install their malicious software. They pretend to either be someone you know or someone you trust. One of the more insidious ways this can occur is a pop-up pretending to be anti-spyware software, convincing you to install it to detect and remove spyware, when it is fact the opposite.
Drive-by downloads, while decreasing, are still an easy way for cybercriminals to attack a machine and mine it for data. Requiring no action on part of the victim, drive-by attacks occur where cyber criminals have planted a malicious script into HTTP or PHP code on a web page or email. The code may install malware directly or re-direct the victim to a site controlled by the cybercriminals, infecting the machine automatically, and silently.
It’s not only laptops and PCs that are vulnerable to spyware. Mobile devices are at just as much risk. The recent discovery of Skygofree highlights how powerful and sophisticated spyware can be. This strain of software has given attackers full control of an affected device. Specifically targeting Android and Windows users, this software can be downloaded webpages that mimicked the sites of mobile network operators. It is also incredibly invasive. For example, it could record surrounding audio, track location with movement detection, search files and then upload them to a remote server.
How can I stay safe?
There is a lot you can do to protect your machine from spyware and unwanted software, yet prevention remains the best form of defence.
Both computer and mobile users can protect themselves by staying vigilant and only downloading from trusted websites and app stores however tempting the offers may be from less reputable ones.
How many people actually read the Ts&Cs? Hardly any. Before clicking, make sure you look out for any references to sharing information or data gathering if installing freeware. It may take some time in the beginning but will save the stress of removing the malicious software further down the line.
Finally, installing security software that includes protection against spyware, and preferably one that provides real-time updates will help ensure that your machine is covered. Having a layered-defence tactic and practicing basic computer hygiene are ways to be truly sure that your information is safe from the silent assassins.