Cyber Security Weekly Podcast
Episode 299 - STALKERWARE - Working to reduce domestic violence
We speak with Noushin Shabab, Senior Security Researcher with Kaspersky.
Kaspersky’s Digital Stalking in Relationships Report asked over 21,000 people their attitudes towards stalkerware, which is technology that enables a perpetrator to digitally monitor another person’s private life via a mobile device without their consent. Over a quarter (27%) of the 1,004 Australian respondents surveyed said they see no problem with stalkerware, or think it is acceptable under some circumstances. 30% of global respondents shared this sentiment, with the highest level of agreement amongst respondents in Asia-Pacific (24%) compared to Europe (10%) and the Americas (8%).
The respondents’ reasons to justify secret surveillance included: if they believe their partner is being unfaithful; if it is related to their safety; or if they believe them to be involved in criminal activity. Younger Australians surveyed are more inclined to think this activity is appropriate – 14% of 16-34 year olds compared to 4% aged over 55.
Noushin is a cybersecurity researcher based in Australia, specialising in reverse engineering and targeted attack investigations. She joined Kaspersky in 2016 as a senior security researcher in the Global Research & Analysis Team (GReAT). Her research focuses on the investigation of advanced cyber-criminal activities and targeted attacks with a particular focus on local threats in the Asia Pacific region. Prior to joining Kaspersky, Noushin worked as a senior malware analyst and security software developer focusing on rootkit analysis and detection techniques as well as APT attack investigations.
TinyCheck is a simple tool used to detect stalkerware and spyware installed on smartphones and tablets, and was developed to help non-profit organisations support survivors of domestic violence.
TinyCheck runs separate to a smartphone, on a device like a Raspberry Pi microcomputer. Using a regular Wi-Fi connection, TinyCheck scans a mobile device’s outgoing internet traffic and identifies if it is sending data to a known malicious server. It addresses a few specific problems that non-profit organisations face when they want to help a victim/survivor and check their device for stalkerware: 1) TinyCheck is unique in its ability to detect stalkerware and inform the affected user without making the perpetrator aware that such a check is being carried out. Nothing has to be installed on the device itself to perform the check. While other security solutions can also check and alert about stalkerware, they will need to be installed on the device. Therefore, there is a risk that the perpetrator will also be alerted. 2) TinyCheck enables checking any device, regardless of whether it is an iOS or Android device or any other OS. 3) It‘s an open source tool that is easily available to NPOs and affordable. The components can be bought for between 400-500 AUS dollars. It’s available now at GitHub - https://github.com/KasperskyLab/tinycheck
Our 2018 Interview with Noushin Shabab - https://mysecuritymarketplace.com/av-media/episode-118-meet-cyber-twins-noushinshbb-negarshbb-womenincyber-malware-analysis-appsec/
#stalkerware #cybersecurity #domesticvioleneceprevention #malware #kaspersky #domesticviolence #stalking