STALKERWARE & CORPORATE

A common misconception is that Cyber Threat Intelligence is just for Corporate America or governments. Let’s challenge that assumption with a practical application of CTI to the issue of stalkerware. Security professionals might consider stalkerware a tool for overly-controlling partners or parents, but what if I told you there’s more? Stalkerware presents a hostile actor with a (questionably) legal, commoditized, and easily consumable “software” that has many of the same features of backdoors and other malware we all fight to keep out of our environments, and what wrongdoer wouldn’t take advantage of that? In fact, stalkerware has already been linked to nation-state governments spying on dissidents and journalists. In this talk, you’ll get additional insights into stalkerware; what it is, how it works, who it targets, CTI hypotheses and suggested RFIs to other teams, and of course, no CTI review would be complete without a discussion of the various hostile actors that leverage stalkerware and their tradecraft. Takeaways include glimpses into the dark side of humanity and a report for your threat intelligence platform, as well as ideas of how security professionals can start to tackle this problem as a part of their CTI program.