It's not just stalkerware

Presented at May Contain Hackers (MCH2022), July 23, 2022, 4:20 p.m. (30 minutes).

Stalking is unwanted and/or repeated surveillance by an individual or group toward another person. But what is the impact of tech companies making it easier to do this with the development of technology? In the news, we hear about the increase in stalkerware found on devices or scary government spyware. But it’s not just that, there are so many more common tools used by stalkers.

From September 2020 to May 2021, the number of devices infected with stalkerware increased by 63 percent, according to a study by Norton Labs. But stalkerware is not what I encounter most when I get contacted by stalking victims. Almost anyone can become a victim of stalking; stalkers do not just target celebrities. Sometimes they are ex-partners known to the victim, other times they may be a casual acquaintance, or just a simple stranger. With stalkerware, the actor needs access to the device or needs to persuade the victim to install something. In cases where the stalker is a (ex-)partner, that might be doable. But in other cases, it is easier to gain access to the accounts of the victim, gather information about the victim from social media, or use tracking devices (looking at you Apple and Tile) to follow the victim. Tech companies develop new apps and gadgets seemingly without thinking about other ways these can be used. And they end up making it easier to stalk someone. But what can we do about this problem? Should we lower efforts hunting stalkerware and help victims gather evidence? Or can we do something else.


Presenters:

  • Chantal Stekelenburg
    Chantal Stekelenburg is Head of Researchers at Zerocopter. She takes care of one of the most important aspects of Zerocopter's services: the community of researchers. Her focus lies on supporting and coaching the current researcher community as well as nurturing the growth of the researcher community as the customer base grows. As a co-founder and organizer of WICCA (Women in Cybersecurity Community Association), she is also involved in bringing infosec ladies and (female) security enthusiasts together to learn about exploits, hacking, incident response, forensics, the low-level stuff, hardware hacking, and especially making bad crypto jokes! Her main goal is to build a community of badass women in the Netherlands and hopefully inspire future generations to join keyboards and get the hacking started! As if that is not enough she also volunteers at the Dutch Police to help fight cybercrime and is in the supervisory board of the Dutch Institute for Vulnerability Disclosure.

Links:

Similar Presentations: