Advertisement

Tech Support: Why you should be worried about Pegasus spyware

Yahoo Finance’s Dan Howley joins the Yahoo Finance Live panel with today’s Tech Support: Why you should be worried about Pegasus spyware.

Video transcript

ZACK GUZMAN: Welcome back. In this week's Tech Support, we're looking at ways to protect yourselves when it comes to spyware. And the latest example is one to point to when it comes to the technology licensed by Israeli firm and Israeli spyware firm, Pegasus was used to originally focus in on anti-terrorism operations here, but now being used maybe a bit more broadly in warnings about how consumers should be protecting themselves. That's what we want to dig into here with Yahoo Finance's Dan Howley breaking the latest Pegasus drama down for us. Dan.

DAN HOWLEY: That's right. So the Pegasus Spyware is built by this company, NSO. And essentially, they're an Israeli cyber security firm. And they license out this piece of spyware. And really what it is, is it exploits issues within smartphones, whether that's iOS-based or Android-based, to be able to access virtually anything on your device.

So think your photos, your videos, the messages you send people. It can pick up on your passwords. It can turn on your camera and record you. It can turn on your microphone and listen to you. Basically anything on your phone that you think is private is instantly available to this type of software.

Now, Israel has made a mandate with the NSO Group, basically saying, we have to approve of who you can send this kind of software to or sell this kind of software to. But according to reports from an organization or a coalition of media organizations, that's not always the case. And so, they found that dozens of journalists, human rights activists, politicians, opposition politicians, people along those lines, have had their phones hacked.

Now the scope of this isn't as far as something that you would see out of a cyber security or cyber criminal gang. But the availability of this type of software just proves that down the line, we could see similar types hitting regular consumers. You think about how the NSA's own code was leaked and led to essentially the WannaCry virus, which impacted companies and people around the world.

So there are some things you can do to protect yourself against this type of spyware. Now if you are a person in a highly valuable position, a CEO, perhaps a journalist in a conflict zone or in an area that happens to spy on journalists, there's really only a few things available to you. But for a regular person, if you're worried about this type of spyware, the best bet that you can take is to do something like ensure that your product is fully up to date. What these companies do and what this kind of software does is exploit vulnerabilities.

And so companies become aware of these vulnerabilities and then fix them with the latest information that they have. And then you don't have to worry about those exploits. There are some that are called zero day, which are exploits that are only known to the attackers, not to the companies. But once they're out in the wild, the companies are able to then work backwards and try to fix those.

And then, the other thing to do is always ensure that anything that you're opening on your smartphone is from someone you know, whether that's through a text message or email. It doesn't really matter. In the case of this Pegasus software, they were able to use something called a no-click intrusion, which basically means that you didn't have to click on anything. And you would never know that your phone was infected. Again, this is for kind of highly valuable people, as I said, journalists in zones, areas that will track them, human rights activists in areas that will track them, politicians.

For the everyday person, it's unlikely that something like this would hit you. But just to prepare yourself for the future, when more of this kind of software is available-- and it will get worse before it gets better-- the smartest thing to do is always ensure that you're up to date, and you are very careful about the kind of messages that you open.

ZACK GUZMAN: Yeah, good warnings there, Dan. I mean, we're not all presidents out there. But as you talk about it, cyber security issues continuing to get worse there, part of the reason why we've seen cyber security firms catch such a big bid here over the last couple of years. But Dan Howley bringing us the latest there. Appreciate it.