Say the word “spy” to most people, and they’ll probably come back with a pop culture reference like “James Bond” or “Jason Bourne”. They may then go on to mention “contact lens cameras”, “micro-film” (or more likely “nano”, now), and “poison-tipped umbrellas”.
But beyond popular culture, there’s a very real though shady world where spying continues to be a practice – and not exclusively the preserve of covert government agencies or nation-state actors.
In this article, we’ll be looking at some of the software technology that spies at all levels have been using, and continue to use, to ply their trade.
Strictly speaking, the term “spyware” could be used to describe all of the tools and technology with which espionage is conducted – including the poison-tipped umbrella. But in the context of digital/information technology, spyware is any software that obtains information about a person or organization – usually without their knowledge or consent.
At the more legitimate end of the spectrum, this definition would include cookies stored by your web browser when you visit a website, or software used to gather data on you and your habits for marketing and targeted advertising purposes – so long as these operate without your knowing about them.
Spybots or tracking software are terms often used to describe the class of spyware which is installed without a user’s consent – typically through deception (an infected website, pop-up window, or other malware trap) or camouflage (with a spyware program bundled as part of an otherwise legitimate download). Once installed, these programs gather information on the infected target and transmit it to third parties, who may use it for any number of purposes.
Back in October 1995, the term “spyware” first appeared in a public forum called Usenet – a distributed internet discussion system where users could post messages in an email-like format. It featured in an article analyzing the business model then adopted by Microsoft, in a largely conceptual context.
Spyware made its first significant public impact in 1999, when the popular freeware game Elf Bowling was discovered to be laced with tracking software. Also in that year, Steve Gibson of Gibson Research uncovered a form of spyware which, under the pretext of advertising, was actually pilfering confidential information – the first significant intrusion of adware. In response, Gibson went on to develop OptOut, the first anti-spyware program.
A press release for a personal firewall package which appeared in the year 2000 contained specific reference to spyware, and marked its official entry in the modern language of computing.
As with other forms of malicious application, spyware has enjoyed a rapid evolution since its humble beginnings. In no small part, this may be attributed to the proliferation of websites, portals, file-sharing resources and torrents that enable users to exchange files and bypass officially sanctioned software distributors and app stores to download free software, or cracked and pirated versions of commercial packages.
Authors of spyware have been known to pay the developers of shareware (limited or zero functionality after a certain period, unless you choose to buy) to bundle their tracking software with legitimate packages. They may also re-engineer freeware applications to include their own spyware code.
Beyond the booby-trapped email attachment or infected pop-up window, internet spies may lure unfortunate victims to tainted websites, where spyware is undetectably and automatically downloaded onto a visitor’s machine – the so-called “drive-by download”. This points to the principal weapon that cyber-criminals use in getting their targets to install spyware: stealth.
Spyware works best when the target is unaware of its presence or activities. So today’s spyware practitioners take great pains to ensure that victims have no idea that the software package they’re installing comes bundled with spybots, or that the website they’ve just visited left them with more than what they’ve just seen.
Once established on a host system, spyware may then go on to observe a user’s activities and provide a steady stream of information to its controllers. This could include personal data, contact lists, financial information, account and user credentials, intellectual property, or operational data crucial to businesses. In some cases, the tracking software may also make changes to a system or network to make its own work easier, or as a form of sabotage.
There are several forms of tracking software in current circulation, including:
The pilfering of confidential personal or corporate data and intellectual property can lead to identity theft, fraud, financial losses, and damage to individual or organizational reputations once the breaches come to light. That’s why spyware is a lucrative option for cyber-criminals, who can sell information on to third parties, or hold people and organizations to ransom over the return of their data or the threat of exposure.
Spyware can also cause real damage to infected systems. There’s often a performance dip associated with a spyware installation, which may manifest as a device or system running slowly, crashes and freezing, increased stress on the processor, higher operating temperatures, battery drains, and so on.
The tracking software may also make changes to system configurations, change port and browser settings, spoof or redirect homepage settings, alter a user’s search engine results, or cause a user’s web browsers to automatically visit infected or fraudulent sites.
New software should be downloaded from approved app stores and manufacturer websites, whenever possible. File-sharing (unless within a secure network environment) and torrent downloads are generally not a good idea. Neither is haphazard clicking on unsolicited email attachments or pop-up windows and advertising.
Security and anti-virus software is always a recommended option – as long as it originates from a reputable manufacturer, and has dedicated anti-spyware facilities. Look for anti-spam filters, cloud-based detection, and virtual encrypted keyboard tools for entering financial information and transactions. Some internet security solutions also offer spyware removal capabilities, in the event of an existing infection.
Device security should also be maintained. So keep a close eye and hand on cell phones and tablets, use password protection and lock screens, and secure all hardware against physical theft or tampering.
Software license agreements are a necessary evil – and one that spyware merchants often use to push their software with your unknowing consent. References to how your personal information may be used and transmitted to third parties may be buried deep within the clauses of the written blurb that appears before an application install. And because so many users don’t bother to plow through this text, they miss the oblique references to what’s actually spyware.
The same applies to the permissions demanded by a mobile app, prior to its installation.
Do yourself a favor and go through this material before installing your software – even if it means printing out a hard copy and reading it over coffee.