Contact tracing was, and still is, a critical feature in helping governments monitor the spread of the covid-19 virus. The NSO-group was right at the forefront of contact tracing and developed the first contact tracing system, which they dubbed Fleming. However, when it was first introduced to governments they were using real phone data from thousands of unsuspecting people.
Giving people access to your phone location by enabling contact tracing and giving apps permission to access your location can put you in danger. You need to know how to protect yourself by not allowing apps access your location and using measures like a residential proxy from Smartproxy to protect you. In this article we will look more closely at how this data was extracted, what the dangers are of someone knowing your phone location and how you can stay safe.
NSO Group
Enter NSO Group, an Israeli company that had developed the spyware Pegasus to remotely conduct surveillance of individuals carrying smartphones. NSO was founded in 2010 by three former members of the Israeli Intelligence Corps, whose primary function was the gathering of signals intelligence.
Investigations over time revealed that Pegasus was used in the surveillance of journalists, activists, and political figures by Israel and other countries that had purchased the Pegasus platform. The Israeli Government has labelled Pegasus as a cyber weapon and now controls all sales of the platform. Pegasus is not available to private entities.
Back to the pandemic. During 2020, NSO began a campaign to present the advantages of Fleming, a new platform developed to track the movement of smartphones. This platform was attractive to governments keen to monitor the movement of their populations during the Covid crisis. NSO, at the time, gave assurance that Fleming was not able to collect smartphone users’ personal data.
In May 2020, an independent cybersecurity specialist uncovered an unprotected database owned by the NSO Group. A London-based research group, Forensic Architecture, opened an investigation into the uncovered NSO database and found that it contained actual surveillance records for over 30,000 mobile phones over a period of only six weeks.
During its presentations to market Fleming to foreign governments, NSO claimed that the demo contained computer-simulated data and was not actual surveillance.
Analysis of the uncovered NSO database by Forensic Architecture revealed that actual personal cell phones had been monitored. Its conclusion was that it would have been impossible for the data to be computer-generated and that the data was identical to what would be seen from live smartphone surveillance. This raised two significant concerns.
Firstly, the unauthorized intrusion on personal privacy, and secondly, and even more worrying, how such delicate information could be stored on an unprotected database for anyone with basic computer knowledge to access. It also begs the question of how many other parties had accessed this unprotected NSO database before Forensic Architecture opened its investigation. For at least 30,000 unsuspecting smartphone users, that concern is a reality.
IP – Your Personal Electronic Signature
Everything you do on the internet or through a mobile connection displays your personal signature, known as your IP address. Your IP address carries crucial personal information, not least of which is your current location. You may not want everyone to know where you are.
Hackers can use your IP address to access your device and your confidential information. Bank accounts, contact details, e-mails, and personal passwords are all at risk. Hackers can steal your IP address and use it to impersonate you. Transactions can be conducted in your name, with you being liable for goods or services you never asked for or received.
Using Residential Proxies
The easiest way to protect your IP address from hackers is by the use of residential proxies. A proxy is an intermediate server through which you send all online correspondence. The proxy server’s IP address is different from yours and could be from an entirely different location in another country. Third parties cannot trace back to your IP address through the proxy server, protecting you from malicious cyber activity.
Conclusion
In this day and age, protecting your information in the cyberworld is essential. With so many apps and software having access to personal details including location details, this opens us up to more malicious attacks. As such protection is well worth the effort and any cost.