What is Cyber Spying?
By Brennan Whitfield
December 17, 2021
When presented with the term “spying”, what comes to mind? You may picture someone lurking in a dark alley, or blending into a crowd, watching a target from afar to document their every move. Within the past few decades however, this stereotype is not as applicable. Nowadays spying is primarily carried out online through a practice known as cyber spying.
So what is cyber spying, and how is it different from the spying we know in popular media? Today, the modern spy sits behind a computer screen, and trails their targets up to thousands of miles away. Many spies in this specialty work for the benefit of our biggest governments and corporations, but along with tracking criminals, they are likely tracking you.
What is Cyber Spying?Cyber spying, also known as cyber espionage, is a form of cyber attack where an attacker obtains information without authorized permission or knowledge by the information holder in a digital setting. The practice gathers information to gain leverage over their victim, and is typically classified as a cybercrime when used for nefarious intent. Opportunities for blackmailing, competitive insight, or digital infrastructure sabotage are all possibilities from cyber spying depending on the perpetrator’s goals.
Various methods can be employed to spy digitally: account hacking, tracking behavior with cookies or keylogging, or implementing malware onto devices such as Trojan horses and spyware are frequently used spying tactics on users. Though pervasive spying in any sense is considered illegal, this does not stop the practice from being carried out on a massive scale through loopholes, especially by those in high power.
Business, Politics, and Cyber SpyingConflict is part of human nature, but within the past few decades, entities have been able to gain the upper hand in business or political battles directly from their computer. Cyber spying on competitors usually aims to obtain relevant intellectual property (IP), trade secrets, business plans, or information which could cause reputational harm.
In the early months of COVID-19, cyber espionage on vaccine research ran rampant as various countries raced to develop an effective vaccine. Not only was eliminating the virus an incentive to create a cure, but so was the promise of profit. In 2020, hackers from China and Russia were accused of cyber spying on vaccine development efforts in the UK, US, and Canada. Speculation arose of the hackers’ affiliation with their respective national governments. The Chinese hackers in particular showed to have received support from Chinese intelligence agents, while the Russian hackers showed affiliation with a Russian-sponsored group known as “Cozy Bear” or APT29 .
To elaborate, APT stands for Advanced Persistent Threat, and describes a nation state or state-sponsored group gaining unauthorized access to a computer system. A number of APT operations depend heavily on cyber spying as a means to understand the vulnerabilities of a network and gather information quietly. Tactics such as malware implementation and phishing scams are common for gathering user credentials in the first stage of the APT lifecycle. Some of the most complicated cyber espionage campaigns have stemmed from APT operations, with efforts by infamous groups APT29 and APT30.
Aside from groups operating behind the scenes, some groups have explicitly created and distributed spyware for use by governments to spy on targets. As of October 2021, the US Department of Commerce declared they are blacklisting Israeli spyware manufacturers NSO Group and Candiru, due to aiding authoritarian regimes in malicious cyber spying activities with their software. In the past, the spyware from both corporations has been used by the Isreali government to tap into mobile devices to surveil criminals and terrorists. In recent years however, these manufacturers have been accused of selling their spyware to over ten countries and using their technology to carry out extensive cyber espionage operations against journalists and political dissidents. The NSO Group in particular has claimed their software’s intent was to combat terrorism, though the argument remains unrecognized per the US government.
Social Media and Mass SurveillanceHacker groups are not the only entities with cyber spying as their goal—business websites and social media sites create targeted content by spying on their users frequently. In some cases, websites spy on users to tip-off the government under the guise of monitoring criminal behavior.
Edward Snowden, a former CIA systems analyst, broke news in 2013 that the NSA had been gathering user conversation data from various communication platforms in an operation known as PRISM. Snowden exposed the NSA for tracking phone calls and text conversations from social media giants such as Facebook, Twitter, Google, Microsoft, Skype, YouTube, and more. Despite the whistleblowing, this surveillance still continues, with the US government requests to acquire user data from Facebook more than doubling since the 2013 story. ABC News cites in two-thirds of these Facebook requests alone, the information-grabs are included with a non-disclosure order, prohibiting sites from notifying users that their data is being distributed.
With social media sites’ spying behaviors out in the open, this has made many users weary to use social media in general in the past few years. A survey conducted by Callsign found 54 percent of social media users do not trust their data with the platforms they are using. Cyber spying culture has certainly impacted user activity for social media sites, and not for the better.
Protect Against Cyber Spying with humanIDLuckily there are solutions to make cyber spying more difficult, one of which is by protecting personal information from the login. Information you provide at account registration, such as names, emails, and passwords, become the first identifier websites use to track users. Decreasing the amount of personal information exchange decreases the chances of privacy breaches during APT attacks, and can increase the trust of users.
humanID helps to protect users by providing an anonymous login method and non-trackable user experience. At sign-up on a platform where humanID is implemented, the only information the software uses to authenticate users is their phone number, which is promptly hashed then deleted. No other identifiable information is required to be input, and the hash is non-reversible so that it cannot be traced back to the phone number provided. This means users may surf the platform with less fear of having their identity tracked or login information stolen by phishing scams, spyware, or other spying efforts.