Conspiracies about as elaborate as those in a James Bond plot are less common than the straightforward insider threat in corporate espionage. Photo / Getty Images
Conspiracies about as elaborate as those in a James Bond plot are less common than the straightforward insider threat in corporate espionage. Photo / Getty Images
Some do it for the money. Some do it for control. Others do it for vengeance.
Whatever the motivation, stalkerware allowing people to secretly monitor and record details about someone else’s phone activity is increasingly common and used in everything from corporate espionage to abusive relationships.
In the corporate setting,installing stalkerware on a business rival was generally tricky, so disgruntled departing employees were a bigger threat than elaborate James Bond-type conspiracies, Cameron Hansen of Datalab said.
“Ultimately what seems to play out in the cases I’m involved with is the exploitation of legitimate data-sharing services that the user will currently employ.
“There is a huge amount of inquiry as far as people saying essentially: I’m being spied on.”
But mostly, what the Datalab data recovery and digital forensics specialists found related to existing data-sharing channels across hardware and cloud platforms.
Hansen said when IP theft or other data breaches were suspected, corporate clients sometimes did not know where to find the solution.
Some mid-tier companies decided it was better to invest in shoring up the existing exposure face rather than “running down the rabbit hole and determining what happened”, Hansen said.
The scenario of a corporate rival installing stalkerware to exfiltrate intellectual property was relatively rare.
“Insider threat beats outside threat 80-20.”
Sometimes an employee on the way out decided for malicious or ambitious reasons to take employer information with them to a rival.
“It’s like they’ve already mentally severed themself from their employer. I don’t think a lot of them think it will ever be uncovered,” Hansen said.
“If you have correct forensic tools and access you can generally build up quite a nice picture of an exiting employee’s last months.”
The risk of encountering stalkerware on a mobile device increased 183 per cent in Australia and 239 per cent globally in the past three years, according to digital security and privacy brandAvast.
“Stalkerware, a category of malware and form of tech abuse, steals the physical and online freedom of the targeted person by covertly tracking their location and monitoring smartphone activity, including websites visited, text messages and phone calls,” Avast added.
Jakub Vávra, Avast threat operations analyst, said stalkerware was not just about stealing personal data, but had safety implications for targets.
“Stalkerware is often installed secretly on mobile phones by abusive spouses, ex-partners, so-called friends or concerned parents, and has the capacity to inflict serious physical and psychological harm on those affected.”
The Coalition Against Stalkerware said a stalker usually required physical access to a target’s device and to be able to unlock it.
Ensuring a device was set to lock quickly when not in use was one way of preventing stalkerware being installed.
Omega Investigations managing director Phil Jones said when people approached him with concerns about spyware, he took devices to a specialist such as Datalab.
He said many businesspeople brought him phones and software to check they weren’t being targeted.
“Even in New Zealand, it goes on, definitely,” Jones said. “A lot of clients come to us and say: Can you debug the boardroom because we’ve got a big meeting coming up?”
NZ investigator and security specialist Phil Jones says his company receives requests to de-bug corporate boardrooms. Photo / Getty Images
But again, an insider threat could trump the more elaborate outsider threat.
“It’s no good debugging a place if everyone’s got their phones in there.”
Victim advocate Ruth Money said in the domestic or family violence context of stalking, authorities often seemed to be playing catch-up.
“I am seeing digital stalking cases on a weekly basis. It just goes hand in hand with sexual violence and family violence. The victims are full of shame and therefore don’t want to disclose it,” she said.
“I’ve had a creep put some covert cameras into a lady’s house.”
She said authorities frequently weren’t resourced to undertake forensic investigations quickly enough.
“I’ve got a guy in court today for breach of a protection order ... and he’s trying to apply for a discharge. The system just isn’t as responsive as it needs to be.
“I just don’t think the community realises the level of stalking behaviour and breaches of privacy that go on.”
Money said people targeted by stalkers should go to police.
And she said in many cases, third parties were not adequately protecting customer information.
The massive Genoapay and Gem hack, where data of 7.9 million New Zealand and Australian driver’s licences was stolen from Latitude Financial, has highlighted concerns about protecting customer privacy.
Another problem related to online stalking or harm was bullying at school, Money said. Again, she argued there was nowhere near enough awareness about online harm.
“Youths today live on their devices. There needs to be a real upskilling and education in the community,” she said.
“The poor kids at school are just being bullied and harassed and a lot of the teachers at school don’t know how to deal with the digital-based harm that’s happening in our community.
“There is a desperate need in the community for much higher-level understanding of what these so-called social platforms do and can be used for in the wrong hands.”
