New Guidance For UK iPhone And Android Users After Fresh Spyware Warnings
November 28, 2025

Late November brought another wave of security advice for smartphone owners, this time from the UK National Cyber Security Centre. It follows earlier alerts from the United States Cybersecurity and Infrastructure Security Agency after growing concern over commercial spyware targeting everyday users of apps such as Signal, Telegram and WhatsApp.

Reports surrounding the Sturnus spyware family have intensified the pressure on security agencies on both sides of the Atlantic. The concern centres on the ability of such tools to bypass encryption once a device is already compromised, giving attackers a window into private conversations. In response, CISA released an urgent notice explaining that several threat groups are using commercial spyware to go after mobile messaging users. Its updated guidance urges anyone who may be at risk to take action straight away.

Below you will find a clear breakdown of the steps recommended for both iPhone and Android devices.

Rising Attacks Against Smartphone Users

Cyber attacks appear in many forms. Recent incidents involving London councils, along with fraudulent activity aimed at customers of major services including Amazon, Netflix and PayPal, show how wide-ranging the threat has become. Yet the most troubling development is the increasing use of sophisticated spyware aimed at individuals.

Those more likely to be targeted include journalists, campaigners, public sector staff, the military and anyone with access to sensitive information. For most people, the risk comes not from being a prime target but from being caught in the crossfire of an attack aimed at someone else. The safest approach is to assume you may be affected and to secure your devices accordingly.

CISA’s Mobile Communications Best Practice Guidance has now been refreshed. It explains how to protect end-to-end encrypted communication and gives detailed instructions for improving the privacy of both iPhone and Android smartphones.

CISA Advice For iPhone Users

• Switch on Lockdown Mode, which restricts apps, websites and system features to reduce potential attack routes
• Turn off the "Send as Text Message" fallback, which stops messages dropping to SMS when iMessage is unavailable
• Enable Apple iCloud Private Relay to shield your DNS lookups
• Review app permissions and remove anything that is not essential, especially access to location, camera or microphone

CISA Advice For Android Users

• Use devices from manufacturers that offer long-term security support and that include strong hardware-level protections
• Only use RCS messaging when end-to-end encryption is confirmed
• Set Private DNS to a trusted resolver such as Cloudflare 1.1.1.1, Google 8.8.8.8 or Quad9 9.9.9.9
• Make sure the "Always use secure connections" setting is switched on in Chrome
• Turn on Enhanced Protection for Safe Browsing in Chrome
• Keep Google Play Protect enabled, as it checks apps for malicious behaviour
• Review and reduce app permissions in the same way as recommended for iPhone

NCSC Guidance For UK Smartphone Owners

The National Cyber Security Centre, which forms part of GCHQ, has also issued updated advice to help people keep their devices safe. Its guidance focuses on simple measures that make a significant difference.

Use a strong lock screen

The NCSC highlights the importance of a secure PIN or password on the lock screen. Short patterns or predictable codes can be guessed with ease, so choose something that cannot be linked to your online profiles.

Enable the built-in device tracking feature

Whether you use an iPhone or Android handset, make sure the locate my device tool is active. This allows you to find a lost or stolen phone and lock or delete it remotely if required.

Keep the operating system up to date

Security patches are available at no cost and most devices can install them automatically. Applying updates promptly prevents attackers from exploiting known vulnerabilities.

Update your apps as well

Apps can contain flaws of their own, so regular updates reduce the chances of an old issue being used against you.

Think carefully before joining unknown Wi-Fi networks

The NCSC cautions against using unfamiliar public Wi-Fi. Although the chances of stumbling into a malicious hotspot are relatively low today due to widespread HTTPS protection, it can still pose a risk for high-value individuals. If you are unsure, your mobile data connection is the safer choice.
