Search This Website

Tuesday, 20 July 2021

How to Ways to avoid spyware

 How to Ways to avoid spyware

How to Ways to avoid spyware

Turn on the camera, listen to conversations, steal photos and even read messages; Learn all about spyware intruders and how to avoid Pegasus

Even after the revelation of Pegasus espionage, the country's Home Minister Amit Shah is saying that understand its chronology. It is a conspiracy to discredit democracy, but their logic seems to have no substance. The Pegasus scandal has not been uncovered in India alone. It was investigated by 80 journalists from 17 media houses in 10 countries. Meanwhile, the Paris-based NGO Forbidden Stories and Amnesty International identified more than 50,000 phone numbers attacked by Pegasus.

He shared the results of the investigation with reporters. He spent months trying to figure out whose phone number was involved in the attack. It identified more than 1,000 government officials, journalists, businessmen and human rights activists. The revelation of phone hacking has caused an outcry all over the world.

On the one hand, politics is hot, on the other hand, people want to understand whether this is spyware. How can you protect your smartphone and other devices from such hacking?

So let us know the answers to the necessary questions related to Pegasus and spyware ...

What is spyware and who uses it?

Spyware is software or malware designed to spy on someone. It is used to retrieve information from a computer, phone, or other device. There are spyware software that take advantage of the simple security flaws of gadgets' software, but some spyware are very knowledgeable that use vulnerabilities in computer coding. These defects in computer coding are called unpatched software. Such spyware can also prey on the latest mobile phones equipped with advanced security features.

Is Spyware Only Used by Government Agencies?

The most known spyware in the world is usually used by security or intelligence agencies. They are so expensive that usually only the government can buy them. There are many markets in the world that make such spyware available to governments that can afford it. It has long been suspected that terrorist groups and groups involved in criminal activities have also reached out to spyware.

Israeli company Candiru's spyware was used to hack into the computers and phones of people who support Black Lives Matter. Microsoft and the Citizen Lab of the University of Toronto have revealed this just this month. The company that developed the Pegasus software in Israel, which is being named in the latest controversy, has made it clear that it only sells its software to governments.

What kind of data can spyware like Pegasus steal from our phones and devices?

A knowledgeable software can steal all the data in your device. It can listen to real time phone calls. It can also read end-to-end encrypted messages like email, social media post, call log, WhatsApp or Telegram. Its accuracy is so great that it can also tell with the user's location whether the user is running or stopped or at what speed he is moving in which direction.

Apart from contacts, usernames, passwords, notes and documents, it can also steal photos, videos and sound recordings from the phone or SIM. Some spyware can even operate the camera and microphone of your smartphone or smart device. During this time the recording seems to be done without the lights on or in any other way. In simple language spyware can do everything that a user can do from his device. Some spyware sends data from one device to another without the user knowing.

What is Zero Click Attack?

Pegasus spyware is now one step ahead of phishing messages for hacking into your smartphone or smart device. Pegasus' latest attack does not send any link or message that the user clicks on, the malware becomes active in his device. The new technology does not require any user action on the device to attack. In the latest attack, neither a call nor a message nor a link is sent to the user.

This type of spyware attack technology is called 'Zero Click' Attack. In Teva it has become impossible to identify and prevent Pegasus attacks. In November 2019, Ian Beer, Google's Project Zero Security researcher, showed how hackers controlled his iPhone via Radio Proximity without having to click on any links or SMS.

Why can't end-to-end encryption spyware stop?

End-to-end encryption protects the transmission of data between 2 gadgets such as phone, tablet or computer. It is "man-in-the-middle" to prevent any kind of attack during data transmission. In it the hacker intercepts the message between the sender or the receiver, but this cannot be done as there is no known way to decode special encryption. Most commercial services have adopted end-to-end encryption since the revelations of US National Security Agency whistleblower Edward Snowden in 2013.

End-to-end encryption technology is not successful for "endpoint attacks". Such attacks occur on the gadgets of the sender or receiver. Once the system reaches the mobile, the software decodes it and makes it readable again. Existing spyware can read messages on this occasion.

How to know if a spyware has taken over our phone?

New age spyware is designed to take over your system i.e. phone, tablet or laptop, it is made in such a way that you do not even feel any change. This means that there is no evidence that the hacked phone or device was targeted without a closer look.

An international NGO working for human rights, Amnesty International's security lab, developed a test to scan phone data to identify intrusions from Pegasus and asked people to check their phone numbers. 67 people were ready to check the phone data.

Of these, 23 phones were hacked and 14 phones were found to have failed hacking attempts. The results of the investigation of the remaining 30 phones did not come. In most of these cases the phones were lost and replaced. There were 15 tests on the data of Android phones, none of which found evidence of a successful transition i.e. infiltration. Evidence of SMS messages related to Pegasus was found in three Android phones.

May I know that my device was hacked?

Probably not, the malware is designed to work stealthily and cover its tracks. So the best way is to defend yourself.

Is my device insecure?

Almost everyone's smartphone is insecure, although most are less likely to target the average person's smartphone. In addition to criminal suspects and terrorists, journalists, human rights activists, politicians, politicians, government officials, businessmen, leaders and relatives and associates of VIPs have been targeted.

Phones can thwart spyware attacks using the Android operating system with specially designed advanced solutions. But right now there is no way to identify it accurately.

What can be done to protect yourself from such spyware?

Here are some basic cyber security rules to protect your device, especially the phone, from hacking:

    Keep your device and software up-to-date. To do this, go to your settings and activate automatic updates.

    Devices older than 5 years are at higher risk of being attacked by such spyware. Especially if they are running on an older operating system.

    Have a password for your device, site or app that is difficult to guess. Don't keep a password in your phone number, date of birth, or pet name that is easy to guess. Password managers like LastPass or 1Password can make this task easier.

    Where possible, turn on two-factor authentication. Such sites will ask for another code along with your password. It is sent by password or by phone or received by a separate authenticator.

    Don't click on links or attachments sent by strangers

    Whenever possible, activate disappearing messages or other such settings so that the message or other communication disappears automatically after a certain period of time.

Is there a law to protect against such attacks?

Most countries in the world have no effective laws against spyware attacks. NSO, an Israeli company that makes Pegasus, says the spyware is not used on phone numbers in the United States, Israel's most important ally.

In India, Section 69 of the NSO Act 2000 and Section 5 of the Telegraph Act 1985 give the government the right of surveillance, but it must be based on the country's sovereignty, integrity, security and defense. There is no permission for private surveillance in our country. Similarly, hacking is completely prohibited under Section 43 and Section 66 of the IT Act. Under Section 66B of the IT Act, a person can be sentenced to up to three years in prison for incorrectly accessing stolen information from a computer or other electronic gadget.

Who else can help protect my privacy?

Big gadget and software makers like Apple and Google are the most capable of thwarting spyware. The company has been improving security on its smartphone operating system for years, but the company has not completely thwarted Pegasus and similar malware. Even large cloud companies are trying to protect their servers from such attacks. Microsoft and Amazon Web Services say they have taken several steps to block the malware.

read in gujrati

What are NSO and Pegasus?

NSO Group is a private Israeli company that specializes in creating the world's top spyware. Its most popular product is Pegasus. It is designed to infiltrate iPhone and Android devices. Founded just 11 years ago in 2010, the company says it has 60 government customers in 40 countries. Apart from Israel, the company also has offices in Bulgaria and Cyprus. The company has about 750 employees and, according to Moody's, earned Rs 1,800 crore ($ 240) last year. What is special is that the majority ownership of the company is held by Novalpina Capital, a private equity firm based in London.

Who are the customers of NSO?

The company itself has not said anything about this, but Citizen Lab has documents related to the infiltration of Pegasus at 45 locations. These include Algeria, Bahrain, Bangladesh, Brazil, Canada, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, South Africa, Saudi Arabia. , Countries like UK and USA are involved.

No comments:

Post a Comment