10 Aug, 2020

Spyware And Stalkerware On The Rise

by nVisium

From Austin Powers and James Bond to Fatal Attraction and Swim Fan, Hollywood has capitalized on spies and stalkers to entertain the world. In the digital world it seems that cybercriminals emulate this with their version of malware. Specifically we are talking about spyware and stalkerware, which seem to be gaining a lot of attention during the pandemic.

spyware and stalkerware demystified

On March 11, 2020, the World Health Organization declared COVID-19 as a pandemic. Since then we have been on and off with “shelter in place” requirements and that has created a whole new playing field for cyber criminals as well as the need of chief information security officers and IT security overall. This has also given rise to various forms of malware that more directly affect individuals and how they interact with corporate resources. Two of these forms include Spyware and Stalkerware which have now shown to be significantly on the rise.

Most IT security professionals are familiar with Spyware as a form of malware that records and sends information on to the source but Wikipedia provides a more comprehensive definition for Spyware as

“a type of malware that aims to gather information about a person or organization, without their knowledge, and send such information to hack another entity without the consumer's consent. Furthermore, spyware asserts control over a device without the consumer's knowledge, sending confidential information to another entity with the consumer's consent, through cookies”

A variation of spyware that also has implications in the physical world is called Stalkerware. A CNet article titled “Stalkerware: What to do if you're the target” describes Stalkerware as:

“Stalkerware refers to a broad group of apps that someone else can install on your device to intercept texts and phone calls, access your location, log your web browsing activity and turn on your camera or microphone. The information gathered by such an app typically gets sent to a portal or companion app accessed by the person who installed the stalkerware.”

Unfortunately, this type of malware is on the rise during these times of shelter in place. According to a CISO Magazine article titled “Stalk or Spy? Global Use of Stalkerware Apps Rise Amid COVID-19 Lockdown” that:

“Digital security solutions provider Avast  reported a 51% increase in the use of spying and stalking apps globally since the lockdown in March until June 2020, compared to January and February 2020.”

The good news is that there are methods to detect and prevent this (and most all) type of malware.

uncover stalkerware with security assessments

As with all malware, discovery is the first and best step for risk mitigation. The most obvious method to detect potential vulnerabilities is with Security Assessments. Besides just being a good standard practice, industry associations like ISACA have long since recommended security assessments:

“Organizations have many reasons for taking a proactive and repetitive approach to addressing information security concerns. Legal and regulatory requirements aimed at protecting sensitive or personal data, as well as general public security requirements, create an expectation for companies of all sizes to devote the utmost attention and priority to information security risks. An IT security risk assessment takes on many names and can vary greatly in terms of method, rigor and scope, but the core goal remains the same: identify and quantify the risks to the organization’s information assets. This information is used to determine how best to mitigate those risks and effectively preserve the organization’s mission.”

Understanding the unique requirements of this post-COVID world requires developing trusted partnerships with independent sources that can uncover the latest vulnerabilities across all of your code, applications and infrastructure.

security assessments made simple

All nVisium assessments go beyond identifying security defects. We focus on helping clients meaningfully triage and fix vulnerabilities discovered during testing. nVisium is unique in our ability to provide exceptional remediation advice, which is specific, actionable, and aimed at reducing engineering overhead typically associated with mitigating security issues.

By integrating security into the development process, nVisium strives to find and help fix security vulnerabilities in our client's software while teaching our clients the importance of incorporating security from the ground up. We offer a range of comprehensive services to ensure that you and your company are protected from cyber threats, including security assessments, software assurance, and training.

Bottomline is that you will ultimately need to start with security assessments for:

  • Applications: A standard assessment combines static and dynamic analysis, which allows our team to evaluate all aspects of an application and test risk mitigation solutions, This service also offers the most precise remediation advice.
  • Internet of Things (IoT): IoT presents its own unique set of security challenges and requires a broad skillset for assessing. Our IoT assessments identify weaknesses in an entire IoT architecture including software, hardware, API, and web/mobile components.
  • Networks: Using a combination of automated and manual techniques, our team will identify risks to your systems and networks that attackers could find and exploit. We will provide detailed information of our findings along with recommendations to help remediation efforts.
  • Mobile: Identify weaknesses in how an application interacts with the mobile device, the remote APIs it communicates with, how the application is written, and the libraries it uses to function.
  • Cloud: Assessments of AWS, Azure, or GCP go beyond the simple security issues that are easily detected through automation. We get to know the business purpose behind your architecture, review the design, and begin an analysis of security controls, monitoring and alerting, hardening, and IAM policies and permissions…. And BTW, we are an AWS Partner

Why be a victim of stalkerware? A small investment is security assessments can eliminate the pain of lost data and privacy, so now is the time to act. Schedule a demo today.

devsecops spyware stalkerware

RECENT POSTS