A major journalistic investigation has found evidence of Israeli company NSO Group's Pegasus spyware being used by many governments around the world, including allegations of spying on prominent individuals, journalists, oppositions and human rights activists.
From a list of more 50,000 phone numbers, journalists identified more than 1,000 people in 50 countries reportedly under surveillance using the spyware.
How can I tell if I am being monitored?
It is in the very nature of spyware to remain covert and undetected on a device. Yet, there are mechanisms in place to show whether your device has been compromised.
The (relatively) easy way to determine this is to use the Amnesty International Mobile Verification Toolkit (MVT). This tool can run under either Linux or MacOS and can examine the files and configuration of your mobile device by analysing a backup taken from the phone.
Find the tool here- https://github.com/mvt-project/mvt
While the analysis won't confirm or disprove whether a device is compromised, it detects indicators of compromise which can provide evidence of infection.
In particular, the tool can detect the presence of specific software (processes) running on the device, as well as a range of domains used as part of the global infrastructure supporting a spyware network.
What can I do to be better protected?
Although most people are unlikely to be targeted by this type of spyware attack, there are still simple steps you can take to minimise your potential exposure not only to Pegasus but to other malicious attacks too.
- Only open links from known and trusted contacts and sources when using your device. Pegasus is deployed to Apple devices through an iMessage link. And this is the same technique used by many cybercriminals for both malware distribution and less technical scams. The same advice applies to links sent via email or other messaging applications.
- Make sure your device is updated with any relevant patches and upgrades. While having a standardised version of an operating system creates a stable base for attackers to target, it's still your best defence. If you use Android, don't rely on notifications for new versions of the operating system. Check for the latest version yourself, as your device's manufacturer may not be providing updates.
- Although it may sound obvious, you should limit physical access to your phone. Do this by enabling pin, finger or face-locking on the device. The eSafety Commissioner's website has a range of videos explaining how to configure your device securely.
- Avoid public and free WiFi services (including hotels), especially when accessing sensitive information. The use of a VPN is a good solution when you need to use such networks.
- Encrypt your device data and enable remote-wipe features where available. If your device is lost or stolen, you will have some reassurance your data can remain safe.