How to stop your smart devices from spying on you

Recent revelations regarding the CIA's ability to snoop on our connected devices have been alarming. Here's how to protect yourself.

spying tv
Credit: Pixabay

A new WikiLeaks release may affect you personally. Thanks to the rogue info-dumping network, Americans have now learned that the CIA can easily access all sorts of mobile devices from iPhones to Androids; across platforms, devices and brands; as well as everything from cars to your Samsung smart TV. No one, it seems, is safe from the technological prowess of the United States government. The news, if true, could be a major security concern for literally everyone. Windows, Macs and Linux OS computers are all accessible by the technology developed by the CIA.

According to cybersecurity experts, there’s no reason to believe other world powers like Russia and China don’t have access to similar cyberhacking capabilities.  The list, a collection of vulnerabilities that the organization can access, spans from 2013 to 2016, and not all the vulnerabilities listed are still susceptible today. Many have been addressed in security patches and updates; however, some, including one for the iPhone, were apparently still unaddressed in 2017. Since the list is out of date, there’s an extremely high chance they have identified more vulnerabilities that remain unaddressed even in fully updated devices.

What they can do

The documents claim that the CIA can bypass the encryption on all apps and devices by accessing your device directly. In essence, what you can read on your phone and on devices, the CIA can read. Although they have not been able to break the encryption provided in the apps, the access they have means they don’t need to. They rely on public malware in some cases to access devices, and in others can turn your device directly into a spying tool. One program developed by the CIA, dubbed “Weeping Angel” after a character in a Steve Forbes biography, focused on turning the Samsung Smart TV into a microphone that can be turned on even when the device is off and without alerting the owner. They’ve developed technologies to hack into every major OS, including all major smartphones as well as the OS Linux, often the choice of the technologically savvy, who are more likely to be concerned about cybersecurity.

Who is vulnerable

Everyone, theoretically, is at risk of being surveilled by their devices according to the capabilities of the CIA. However, nothing in the documents suggest that the CIA has decided to turn towards the route of mass surveillance. Instead, their capabilities seem to be focused on specific individuals of concern. The average citizen, therefore, probably isn’t being actively spied on by their TV. They’re best suited for individual targets because they hack into the individual kernel of a device, rather than any network; one device described it the function as “develop(ing) software exploits and implants for high priority target cellphones for intelligence collection.” Although they can individually spy on you, they probably have other priorities.

How to protect yourself

There aren’t many options, if the WikiLeaks dump is true (CIA officials have refused to confirm or deny the content of the documents, suggesting it’s probably true). This has been dubbed a “zero-day exploit” because there is zero warning, and no time to prepare for this hack. Because information is transferred through networks you could theoretically disconnect your devices from WiFi and cell service, but that would render them, in many cases, virtually useless for their purposes, particularly in a world of increasing hyper-connectivity. If you want to ensure privacy in a given moment, ensure that all devices around you are unplugged, with batteries removed when applicable.

Other good steps to protect yourself include standard safe online practices: download updates immediately, don’t click suspicious links, run regular malware scans and turn your devices off when you don’t need them. Apple has already responded to the leaks by saying they have released patches to improve security and have more on the way; Microsoft and other affected companies are likely to do the same. Nevertheless, in the wake of this news, no one can truly guarantee they aren’t being spied on. Perhaps greater questions must be raised about the rights of the US government to develop, weaponize and use technology that gives them total access to anyone, but for now, you probably don’t have someone watching you.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the State of the CIO 2017 report