Cyberspace is jam-packed with options and they can reach you through even a smartphone received as gift
Seven years ago, a Malayali man settled in the United States approached a cyber expert here with an offer of ₹1 lakh a month for snooping on his wife. Four years later, another man from Singapore approached the same person with a somewhat similar assignment, only with four times the previous offer.
“He did not even reveal whether the woman was his wife, girlfriend or someone unrelated. It was as if the fee was also for not asking questions,” said the expert who turned down both offers, which were outright illegal.
As ominous as it may sound, snooping, cyber experts observed, was a commonly deployed tool. “It is widely prevalent in the corporate world to preempt leak of company secrets. Legal profession is not free from it as rival clients are being snooped on. Private detectives also employ it for their clients,” said Nandakishore Harikumar, who runs a cybersecurity start-up.
‘Couple snooping’ whereby partners’ smart devices are snooped on is not rare either. Getting the partner to click on an innocuous-looking link on some pretexts will help install the malware remotely in the targeted device.
Path to snooping
“While spyware like Pegasus is too expensive, numerous malwares are either available for much less or their sources are freely accessible on the Dark Web, which an efficient hacker can customise into a potent tool. Since these malwares can be bunched up with popular apps, they can easily slip into the device unnoticed. While microphones and cameras of smartphones are the most targeted applications, keystroke trackers that help crack passwords are also widely used, especially in phishing attacks,” said Mr. Harikumar.
Rahul Sasi, a cybersecurity expert, said that smartphones gifted can come embedded with such malwares or spyware sparing the perpetrators the hardship of installing it remotely.
“Updating the operating systems (OS) of the device and checking the authenticity of apps prior to installation are the basic tools to counter malicious cyberattacks. A device with an outdated OS is that much more vulnerable,” he said. Using secured Virtual Private Network that mask IP credentials and not clicking on unsolicited links are other precautions to be taken.
Prasanth Sugathan, lawyer and Legal Director of the Delhi-based Software Freedom Law Center India, said that except for the access of devices by the law enforcement agencies authorised under the Telegraph Act or Information Technology Act, all such access is deemed ‘unauthorised.’
“Section 43 (a) of the IT Act deals with unauthorised access to a computer while Section 43 (c) has reference to introducing any computer contaminant or virus. Section 66 provides for imprisonment and fine of up to ₹5 lakh for offences listed in Section 43,” he said.
Mr. Sugathan, however, said that cases registered under these sections rarely lead to convictions as the charges are hard to prove owing to deficient cyber forensic evidence. “Cyber forensics is not yet fully developed here and there are few agencies with the expertise,” he said.