WiFi ya Umma: Jinsi wadukuzi wanaweza kuitumia kuiba data zako

Replica

JF-Expert Member
Aug 28, 2017
626
1,000
Upo kwenye simu janja yako muda wote? Muda wote imeunganishwa kwenye mtandao unavyosogoa na marafiki kupitia Whatsapp, Instagram na mitandao mingine ya kijamii?

Upo kwenye hatari ya wizi wa mtandaoni

Kadri mjadala kuhusu wizi unaowezeshwa na komputa unaendelea kushika hatamu kwenye mitandao ya ulinzi duniani, kuna wasiwasi kwamba wadukuzi wanaweza kutumia udhaifu wa simu janja kuchunguza na kuiba data za watu.

=======

Are you always on your smartphone? Is it constantly connected to the Internet as you chat with friends and colleagues via WhatsApp, Instagram and other social media platforms?

Then you are at risk of cybercrime.

As discussions about computer-aided crimes continue to dominate global security forums, there are concerns that hackers may exploit unknown smartphone vulnerabilities to spy and steal data from individuals.

Security agencies have been spying on persons of interest using tracking devices but with advancement in technology, cellphone users have adapted encrypted channels of communication, making access to data harder.

However, there are smartphone vulnerabilities that leave users exposed and can be tapped by criminals to spy their activities and location via GPS, internet protocol address, Bluetooth and cameras. The threat is high, especially on a majority of Kenyans who carelessly share personal information online, ignore the need to install additional layers of security such as anti-viruses, and fail to switch off their location trackers.

A 2019 global survey on internet security and trust by the United Nations Conference on Trade and Development (UNCTAD) ranked Kenyans amongst the world’s most careless group of internet users and revealed that only four out of 10 were concerned about their privacy online. This is against the global average of eight in every 10 persons and was linked to Kenyans’ increased sharing of personal information online, especially through platforms like Facebook and Twitter.

The same behavior is replicated in the manner in which Kenyans use their mobile phones to access free internet in hotels, airports and public spaces unaware that the addresses may be used to spy on their gadgets to steal data or manipulate the phones to conduct unlawful activities. While smartphones are harder to hack compared to computers, users’ online and offline behavior gives criminals easy access to all the information stored in their devices remotely if they fail to delete all the IP addresses they used to browse the internet, cached data, browsing history and cookies.

Smartphone users are advised to use Virtual Private Networks (VPN) in place of the public IP addresses. When you jump into any public network, you leave behind your traces that may be used to access your phone by anyone who recreates the network remotely regardless of whether it’s offline or online. All they need is to figure out the name used on the address to spoof using your phone.

This means that every email, photo or post you send or upload passes through a hidden second party, who can easily manipulate it. The spy can even divert one’s bank transactions without the subject getting an alert.

Glenn Wilkinson, a senior security analyst at SensePost – a leading information security consultancy firm in South Africa – describes smartphones as the leading spy devices in our pockets that provide juicy content for hackers to crave for since they are continually linked to our daily businesses through emails, photos, bank details and social media.

Multiple smartphones can also be accessed through the snoopy software, which detects gadgets in a park and sends all the data received to a central server. “This means that when your cellphone is searching for network named say Starbuck, it’s possible for snoopy to bounce up and say ‘Yes I am Starbuck – you can connect to me’ and when you do, all your phone’s traffic will go through it,” notes Mr Wilkinson.

The effects trickle down to one’s private security since some online data bases allow you to map the name of the network to GPS coordinates to the Google street photographs, which then makes it easier for the person monitoring the phone user’s frequent locations.

Offline unauthorised access can be done via Bluetooth, the phone’s camera and a US device. The vulnerability in Bluetooth exists in its Network Encapsulation Protocol (BNEP), commonly referred to as tethering, which enables the phone to share its data bundles with a computer or another gadget. Experts warn that this sharing enables an attacker to create a malicious network interface on the victim’s device and re-configure IP routing. This forces the device to transmit all communication through the malicious network interface, an attack that does not require any user interaction, authentication or pairing, making it practically invisible.

The smartphone’s camera is vulnerable to attack through what is known as camfecting – remote access and activation of a phone/web camera without the user’s authority. This can be avoided by switching off the camera when not in use to prevent its detection by hackers. Most smartphones charge their phones using a USB cable connected to a computer at their places of work unaware that the device can be accessed and its data externally transferred remotely.

Multinational cyber security and anti-virus provider Kaspersky urges smartphone users to use only trusted charging stations and computers; use a password or fingerprint recognition; refrain from unlocking the phone while charging; and use encryption technologies and secure containers to protect the phone’s data.

“USB ports are designed to provide both charging capabilities and data transfer, so a mobile device that connects to a USB port ‘attempts a handshake’ with the computer, during which some data can be transmitted,” states Kaspersky Lab researcher Alexey Komarov.

UNCTAD notes that limited regulatory and enforcement capacity risks exposing consumers and businesses in developing countries to fraud, cybercrime and privacy abuse, as smart devices proliferate with little planning or oversight. “Developing countries, in particular, need to build the capacity to counter such threats, as they are particularly vulnerable in this area at present,” UNCTAD notes in its website.
 

charldzosias

JF-Expert Member
Nov 10, 2013
1,983
2,000
Kuwa Hacked hakukwepeki.. kitu KIBAYA sana ni Kuruhusu GOOGLE ikusevie Password..

Kibongobongo Ukimtumia Vizuri ISP Officer atakurahisishia kazi 70% ktk Vulnerability..

Ndio maan I'S specialist wanalipwa hela nyingi kulinda Mifumo (IT infrastructures)

Individual attack's kuzikwepa ni ngumu Kama huna Elimu ya I'S

VPN ni useless... Sio Security ya kuiamini.. inakuhide juu juu tu ila Kiuhalisia upo Uchi.

# Keylogger Expert
 

rumplelstiltskin

Senior Member
Jul 27, 2020
195
500
Kuwa Hacked hakukwepeki.. kitu KIBAYA sana ni Kuruhusu GOOGLE ikusevie Password..

Kibongobongo Ukimtumia Vizuri ISP Officer atakurahisishia kazi 70% ktk Vulnerability..

Ndio maan I'S specialist wanalipwa hela nyingi kulinda Mifumo (IT infrastructures)

Individual attack's kuzikwepa ni ngumu Kama huna Elimu ya I'S

VPN ni useless... Sio Security ya kuiamini.. inakuhide juu juu tu ila Kiuhalisia upo Uchi.

# Keylogger Expert
Bila vpn hackers wote wangekua wamekamatwa
Na darkweb isingekuwepo
 

charldzosias

JF-Expert Member
Nov 10, 2013
1,983
2,000
Virtual private network Hacker wanatumia The onion router labda kama unatak kuwa hacker nije nitoe kipind humu
Umejiona ulivyo 'Mfinyu wa Maarifa'? Umeelewa Swali nililouliza?

Unaniletea maswla ya TOR..? Umekariri wapi ndg?
Wacha niishie hapa. Kwaheri.
 

Toa taarifa ya maudhui yasiyofaa!

Kuna taarifa umeiona humu JamiiForums na haifai kubaki mtandaoni?
Fanya hivi...

Umesahau Password au akaunti yako?

Unapata ugumu kuikumbuka akaunti yako? Unakwama kuanzisha akaunti?
Contact us

Top Bottom