Cyber snooping threat

Security personnel in India are as fond of the latest smartphones and apps as their civilian countrymen. But unknown to them, cyber spies are keeping tabs on them by hijacking their smartphones from afar, accessing a range of sensitive persol information. How persol? They can give away their locations, the people in their call lists can be exposed and their conversations recorded, their household talk and other sounds can be overheard, their e-mails and text messages can be read, their social media activity can be monitored, their debit/credit card details and photos can be accessed, even their residence can be digitally reconstructed in three dimensions elsewhere. The threat of cyber snooping is now so real that the Central government has begun circulating security guidelines to ministries and departments, as well as a programme to sensitize members of security forces about careless smartphone use and dubious apps they may be downloading. The issue came up in the Lok Sabha recently when Minister of State for Home Affairs Haribhai Parathibhai Chaudhary, quoting an IB report, informed members that Pakistani intelligence agencies are spying on Indian security forces by injecting malware through mobile apps like games app Top Gun, music app mpjunkie, video app vdjunkey and entertainment app talking frog. Malware is the broad term for all kinds of malicious and intrusive software like viruses, worms, trojan horses and spyware. The problem is that even if some people are careful about what they share online, most are hardly aware of the damage easily available apps can do. For cyber crooks, spies and terrorists, mobile apps are a favorite medium to surreptitiously install malware into the smartphones of unsuspecting users.

The intertiol community woke up to the threat of ubiquitous cyber snooping in 2013 when Edward Snowden, a former US tiol Security Agency contractor, revealed the extent of the US government’s online monitoring of calls, emails and texts of billions of people worldwide. But on a much smaller scale, private marketers too are engaged in cyber snooping to zero in on likely customers. After all, marketers have to tailor very rrowly targeted advertising to people about whom they need to know a lot. And they don’t need monster data crunching supercomputers and servers, of the sort used by US security agencies, to profile clients who may want their products and services. Most marketers have been turning to apps makers to provide them persol information of users. What these apps can do, while their users remain blissfully uware, comes as a rude wake-up call. Cyber experts have warned of apps that can silently send back private data of users back to the apps makers, like their age, gender, body-mass index, their times of waking up and going to sleep, whether they are alone or with others, what they see on TV and hear on radio, their mode of transportation, their e-mails and smses, their home and office addresses and much else. But this data that the marketer wants can also be accessed by a hacker for hostile purpose. The technology already exists with which hackers from afar can switch on the microphone in a user’s smartphone and eavesdrop on what he is telling his spouse, remotely turn on the smartphone camera to click the user’s photo and access it, or activate the user’s smartphone and read his credit card in the wallet if there is a radio frequency identification (RFID) chip embedded in the card. Once vehicles, home appliances and even artificial body parts with embedded microchips get connected online in near future, it will not be far-fetched for a hacker to break into a user’s smartphone to hijack his car, turn off his home security system or disable his pacemaker and artificial limbs. The point is that users ought to know the power and scope of the technology they are using. What someone can devise with malice, another can neutralize with adequate precautions. There can be no excuse in being lazy and ‘un-smart’ when using IT-ebled smart gadgets, least of all for public officials and security personnel.