FCDO Services »Latest »Are your devices spying on you?

Are your devices spying on you?

We all want things in our life which save us time and make life just that bit easier. To satisfy that need, each year household and consumer technology becomes more and more advanced. Although the security in smart technology is improving, there’s still a real risk of your everyday devices being exploited.

If you received any kind of smart device as a Christmas present or you’re considering buying one yourself, hold onto your credit card for a moment. And keep reading to uncover some enlightening facts about the latest tech available.

Our experts at UK NACE (the UK National Authority for Counter-Eavesdropping) know all too well that smart and wearable technology is susceptible to malware attacks. They give us the lowdown and their tips for improving the safety of your smart devices.

Keep your devices up to date with the latest security

Devices such as smartphones and smart watches are constantly being updated with new security software. So, it’s vital to ensure yours is always running the latest version. However, that alone won’t stop hackers from trying to get unauthorised access to your personal information.

The older your device, the greater the risk of attack. This is especially the case when it’s no longer supported by the manufacturer, as it won’t receive any new security updates. This could potentially leave your device wide open to attacks, and your personal data vulnerable. Attackers aren’t only focused on old devices though.

UK NACE say, “There’s a whole industry out there looking for brand new ways to target the most modern hardware. These kind of attacks are called “zero-day” exploits and they typically take advantage of unknown vulnerabilities in new software or hardware, well before anyone realises anything is wrong!”

Beware fake updates

Attackers can also gain access to your technology through other methods – the most common is fake and harmful updates. Whether that’s general software, security or specific app updates – their authenticity can be hard to distinguish from official sources.

Originators of fake updates commonly send out a pop-up ad or alert. This says your device is infected with malware and offers to scan your system, or asks you to click on a link to update the software.

For these to take effect, it requires you to update your permissions to allow apps to access your location, camera and contacts list. This helps attackers, advertisers and app developers profile your behaviour. It can also lead to you giving away your personal information.

Smartphones and smartwatches

Smartphones are the perfect eavesdropping device, or ‘bugs’.

They’re easily programmable and have constant power. Unlike many traditionally concealed eavesdropping devices, this means you could potentially be tracked and listened to continuously.

Modern smartphones have features, such as cameras, microphones, GPS (Global Positioning System) and more. These all provide a variety of options for an attacker who is looking to exploit you. Whether that’s to track you or gain access to your personal information, such as your address, bank details, passwords or pictures.

What about smartwatches? Smartwatches and fitness trackers present a different challenge to a hacker. But it is still possible to exploit these as eavesdropping devices, especially when linked to a smartphone. This can end up with you having more than just your steps being tracked!

If knowing your GPS location wasn’t unsettling enough, an experienced attacker can use the motion and orientation senses in your device to calculate your ATM pin numbers and passwords.

Top tips to protect your personal data

To help prevent a malware attack on your smart devices, UK NACE strongly recommends regularly updating the security settings. This is particularly important, if you store a lot of your personal information on your smartphone for instance.

So, the next time you see a genuine new update pop up on your device, install it straight away. Don’t leave the door open for attackers to profit from your data.

This also goes for when you get a new device. Before you begin to use it in earnest, check whether it’s running the latest version of software and continue to do this regularly.

You should also keep your smart devices away from places where you’re holding sensitive or classified conversations. This reduces the risk of someone eavesdropping on your in-person discussions. If in doubt, leave the device outside the room!

Need advice on how to counter these types of eavesdropping attacks better? Speak to UK NACE or your organisation’s security adviser if you have one.

You can improve your device’s security further by:

  • re-setting your password every couple of months and using different passwords for each account or site you use – take a look at the National Cyber Security Centre guides on the use of password managers and two factor authentication
  • updating your privacy settings – this is particularly important with your social media accounts
  • using an anti-malware app on your device – these help protect you from attackers planting viruses within your technology

Further links

  • UK NACE

    UK NACE is the UK’s national authority in protecting technical security, providing guidance and operational support to the UK government and Friendly Foreign Governments.

    UK NACE Sign