One upon a time electronic tracking person [target] was expensive, and difficult to achieve, but with the advancement of technology, it is now just a matter of a few pounds, and the leverage of available technology.
After setting up a compromised Cell Phone, with an invisible backdoor application to track, duplicate and send SMS etc. and to follow the owner/target, I ran an experiment, and with the ‘permission’ of a subject individual, and had them carry the device for a few days.
The results are remarkable when you consider the low cost of such a tool – I have been able to map their movements, link them to locations by time, and cross relate to simple technologies such as Google Maps, and Street View. With a little more configuration, I have also been able to track every web site they visited, and received every SMS etc. sent, and received, and have had a duplicated copy of every image communication, and all unbeknown to the target.
Of course it is all very well recoding such sessions, but the determined attack/watcher also wants to receive regular reports – simple, this is either done via sending messages direct to a subscribed mobile, or to the associated web interface. And of course if you [the attacker] wish to remove, or update the application on the target Cell Phone, this may all be done remotely, and without any need of physical access.
Simple technology, and one good reason why you should never let your cell phone out of your view – the question is, when it comes back, it is clean?
[su_box title=”About Professor John Walker – FMFSoc FBCS FRSA CITP CISM CRISC ITPC
” style=”noise” box_color=”#336588″]
Visiting Professor at the School of Science and Technology at Nottingham Trent University (NTU), Visiting Professor/Lecturer at the University of Slavonia [to 2015], Independent Consultant, Practicing Expert Witness, ENISA CEI Listed Expert, Editorial Member of the Cyber Security Research Institute (CRSI), Fellow of the British Computer Society (BCS), Fellow of the Royal Society of the Arts (RSA), Board Advisor to the Digital Trust, Writer for SC Magazine UK, Originator of DarkWeb Threat Intelligence, CSIRT, Attack Remediation and Cyber Training Service/Platform, Accreditation Assessor and Academic Practitioner and Accredited Advisor to the Chartered Society of Forensic Sciences in the area of Digital/Cyber Forensics.
Twitter: @SBLTD
John Walker is also our Panel member. To find out more about our panel members visit the biographies page.[/su_box]
John is the Principle at Shadow-Intelligence (Si), partnering with PALISCOPE, BreachAware and iStorage. He is a Visiting Professor at the School of Science and Technology, Nottingham, Trent University (NTU) and holds the appointment of Editor in Chief for the International Journal of Cyber Forensics and Advanced Threat Investigations (CFATI). For the last decade he has delivered training courses in the Middle, and Far East to Commercial, Industrial, the Financial Services Sector, and Military Agencies, including the UAE, US, Pakistan, Saudi Arabia, Malaysia (KL), Singapore, Argentina, and Sao Paulo
He served in the Royal Air Force 22 years’, specialising in Counterintelligence, working with UK Agencies such as GCHQ/CESG, and others in the fields of SIGINT, COMINT and Satellite Communications, holding appointments such as System ITSO for a CIA SCIF.
In the commercials sectors of IT/Cyber he has worked for/with Logica, Bae, T5, GM, Experian, Betfair, Palace of Westminster, House of Lords/Commons, TSol (Treasury Solicitors) and provided Consultancy to the Saudi Arabian MOD, TRA (Telecommunications Authority (Dubai) and the Military Academy of Malaysia (KL) on SOC, CSIRT, Digital Forensics and OSINT. Within the last 5 years he has focused on Geopolitics, with global expertise around the UAE and Russia, Anti-Terrorist Operations (ATO), Cyber-Warfare, Dezinformatsiya (Disinformation) and Maskirovka (Military Deception).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
