As the world has pivoted to remote working in the wake of the Covid pandemic, the scope for unscrupulous actors to spy on people and data is higher than ever. The rapid switch from analogue to digital communications has exposed numerous weaknesses for many firms, but spotting the signs that software may be spying on you is not always straightforward.
“We need to go further to ensure good practice is understood and resilience is being built into organisations,” Lindy Cameron, head of the UK’s National Cyber Security Centre, comments. “Investing resources and time into putting good security practices into place is crucial for boosting cyber resilience.”
While most businesses install antivirus systems to automatically detect intrusions, some of the biggest risks can come from a lack of awareness about the ways that spyware works and the tell-tale signs that it has infected your computer.
Recognising malware
The most familiar form of spy software is undoubtedly malware – malicious software designed to infect your computer unnoticed and cause damage, disrupt operations or provide hackers access to sensitive information.
The June 2021 cyber-attack on the Colonial Pipeline, the largest fuel pipeline in the US, highlighted the danger that this form of spyware can cause when it goes undetected as well as the real-world impacts it can have, costing US$5million in ransom payments and tens of millions of dollars more to restore operations in the aftermath.
Cloud-based IT security firm Mimecast estimates that 74 percent of organizations in 2021 experienced some form of malware activity where software was spread from one employee to another, a significant increase from just 61 per cent in 2020.
Malware can arrive on your computer through a variety of means, such as malicious links, corrupted PDFs or bogus updates, and is often invisible to the user. For this reason, the first tool to check suspect links of files is antivirus software, which can run in the background and detect threats, but this is not infallible and there are a number of other signs to look out for.
Reduced performance or an increase in unidentified internet activity are often the first symptom of a computer that has been infected by spyware, as software works in the background to access your files. If you find your computer suddenly slows down, crashes, or displays repeated error messages then it could be worth investigating further. Issues may be accompanied by a mysterious loss of disk space, unfamiliar changes in browser settings or loss of access to files or drives.
Anti-virus provider Kaspersky Lab advises that you should check if “your device turns on Wi-Fi, mobile Internet, or geolocation, even though you turned them off”, pointing out that excessive data or battery usage “are two red flags”.
Unfamiliar icons or applications on your computer desktop are a further clear sign that spyware may be snooping on your activity. This could include Windows Powershell commands or batch files, designed to run additional malware or malicious scripts in the background.
Caution online
Unexpected advertising messages, pop-ups or unusual dialog boxes and windows as you browse the internet can also be a bad sign. This could include unanticipated redirects, where a link takes you to a page you weren’t expecting, a change in your home page, or even fake error messages warning that your machine has a virus or other security threat.
“One of the things we always tell people is that, as of right now, there’s no way a website can tell you if your computer is infected,” Tim Armstrong, senior sales engineer at SecurityScorecard, explains, adding that it can be important to pay attention to whether your computer is running more slowly than usual.
“There are people who try to trick you into installing rogue software [and] will put as many things on your computer as possible at the same time to make the most money,” Armstrong comments. “And with all this spyware and applications running at the same time, you’ll see a slowdown in performance.”
A recent report from enterprise security firm Tessian meanwhile shows that 56 percent of IT leaders believe employees have picked up bad cybersecurity behaviours since working from home and 69 percent think that ransomware attacks will be a greater concern in a hybrid workplace.
“Creating a strong security culture is going to be even more important in a hybrid model. Why? Because an effective security culture equals an engaged workforce that takes responsibility for security issue,” an analyst at Tessian notes, highlighting that “over a quarter of employees admit to making cybersecurity mistakes” while working from home.
Scott Dodds, CEO, IT service management firm Ultima Business Solutions sees the return of workers to the office as a very real risk, noting: “we’re noticing a new trend – hackers are now biding their time and using more advanced and persistent tactics to work out how to access corporate networks. They are dwelling on the device or system for long periods to monitor how it’s used. Once employees return to the office with a dormant infection on their machine it will then spread laterally across the corporate network, allowing the hackers to hold you to ransom.”
This growing threat is driving massive investment in antivirus software, with the global market valued at US$3.92 billion in 2021 and expected to grow at a compound annual growth rate (CAGR) of 3.2 percent, reaching more than US$4.5 billion by 2025.
Is your boss spying on you?
Alongside the risk of being spied on by cybercriminals, the modern world of remote working is also spurring a new wave of tools known as ‘bossware’, or employee monitoring software, that allow managers to spy on employees.
“While aimed at helping employers, bossware puts workers’ privacy and security at risk by logging every click and keystroke, covertly gathering information for lawsuits, and using other spying features that go far beyond what is necessary and proportionate to manage a workforce,” Karen Gullo, analyst at the non-profit digital rights group Electronic Frontier Foundation, says.
Forbes estimates that the global employee monitoring software market will hit US$4.5 billion by 2026 as business leaders deploy ever greater amounts of surveillance, and in many cases there is very little that staff can do to avoid this type of spying.
“The world is changing,” Dave Nevogt, the CEO of Hubstaff, a monitoring tool that gives bosses a snapshot of what individual employees are doing. “Workers know they are being watched, so it does not violate privacy”.
This shift to a constantly observed workplace seems set to become more and more mainstream in future as collaborative tools, video conferencing, team sharing applications, remote-desktop infrastructure and other modern business tools bake in the ability for managers and IT to view detailed information about each employee’s usage,
Brian Kropp, Group Vice President of research at technology consultancy Gartner notes that “since the start of the pandemic about 30 percent of companies have purchased [software] to track employees as they work remote… Anything that you write on any company messaging platform, your employer has access to.”
In future, the question may not be if software is spying on you, but who has access to your activity and what can they do with that information.