If you want to overhaul your landscaping or put a new deck on the back of your home, what do you do? You find a contractor who can do what you need and you hire them on the spot. According to the New York Times, governments from around the world may be operating under the same basic mentality. Only they’re not dealing with contractors who can install a new hardwood kitchen floor – they’re working with groups who can spy on technology owners without their knowledge.
The NSO Group
One such company is the NSO Group, a surveillance firm based out of Israel that has been making waves across the world for the last six years. According to one report, spying on up to 10 iPhone owners without their knowledge doesn’t require backdoor Senate hearings, public debates or wiretaps at all. It turns out it can cost any government in the world as little as $650,000, plus a modest $500,000 setup fee. Naturally, prices go up as the number of people you’re trying to monitor increases.
With an arsenal of high-tech surveillance tools that read like something out of a James Bond novel, the NSO Group claims that it can capture EVERYTHING on a smartphone or computer without the owner’s knowledge. This includes sounds, messages, keystrokes, location information and beyond.
Think about the last intimate text message that you sent. Now, think about how terrifying that it is that someone might be reading it without your knowledge.
Perhaps the most frightening thing of all is that we wouldn’t even know the NSO Group existed had they not recently made a series of high-profile mistakes. In August of 2016, security researchers discovered a strain of spyware belonging to NSO Group on the iPhone of a UAE-based human rights activist. After doing some digging, they also found a similar strain on the smartphone of a journalist who had been covering corruption in the Mexican government.
In both cases, it isn’t exactly difficult to discern where those spying requests happen to come from.
NSO Group and similar organizations like it usually gain access to a user’s smartphone through good, old-fashioned user error. According to the New York Times, one of the most common approaches takes the form of a phishing scam. Malicious links are sent to a user, usually in the form of an email, that the user then opens on their smartphone. Once the link has been opened, spyware downloads automatically – turning over every last digital activity to prying eyes.
These types of private spy firms also often make use of security flaws in the Android and iOS operating system to gain access to devices. While Apple, in particular, regularly issues bug fixes to prevent this type of thing from happening, no OS is perfect – something that private spy firms seem hellbent on proving as time goes on.
A Brave New World
The NSO Group is just one of many, many examples of companies out there that act as private spy firms who can get important information out of electronic devices on behalf of world governments. With the right malware installed on a device, a smartphone can essentially become a GPS-enabled secret recording device – tracking your every move and reporting what you’re doing to interested parties.
Naturally, many of these companies are less than forthcoming regarding who they’re doing business with and how many people they’re spying on.
As smartphones, tablets and similar types of technology become increasingly essential parts of our daily lives, it’s clear that privacy, in general, is a situation that will get much worse before it gets better moving forward.