Richmond, Virginia (Associated Press) – As a member of the secret Senate Intelligence Committee, Senator Angus King has reason to worry about hackers. At this year’s briefing for security personnel, he said that he had received some advice on how to protect the security of his mobile phone.
Step 1: Turn off the phone.
Step 2: Restart.
That’s it. In an era when digital insecurity is prevalent, it turns out that the oldest and simplest computer repair method—turning off the device and then turning it back on again—can prevent hackers from stealing information from smartphones.
Restarting phones regularly will not stop the army of cybercriminals or spy companies that have sowed chaos and cast doubt on the ability to keep any information in our digital lives secure and private. However, it can make even the most sophisticated hackers work harder to maintain access and steal data from a phone.
“This is all about making these malicious actors pay,” said Neal Ziring, technical director of the National Security Agency’s Cyber Security Agency.
The National Security Agency issued a “best practices” guide for mobile device security last year, in which it recommended restarting the phone every week to prevent hackers from intruding.
King, an independent from Maine, said that restarting his phone is now part of his routine.
“I would say about once a week, whenever I think about it,” he said.
Mobile phones are almost always within reach. They are rarely turned off and hold large amounts of personal and sensitive data. They have become a primary target for hackers looking to steal text messages, contacts and photos, track users' locations, and even secretly turn on their video and microphones.
“I always think that mobile phones are like our digital soul,” said Patrick Wardle, a security expert and former National Security Agency researcher.
The number of mobile phones hacked each year is unknown, but there is evidence that it is significant. A recent investigation into phone hacking by a global media consortium caused a political commotion in France, India, Hungary and other places after researchers found dozens of journalists, human rights activists and politicians on a leaked list believed to be potential targets of an Israeli hacker-for-hire company.
The recommendation to restart phones regularly partly reflects changes in the way top hackers gain access to mobile devices, and the rise of so-called “zero-click” exploits, which work without any user interaction rather than trying to get users to open something that is secretly infected.
Bill Marczak, a senior researcher at the Citizen Lab, an Internet civil rights monitoring agency at the University of Toronto, said: “This evolution is no longer the goal of clicking a cunning link.”
Generally, once hackers gain access to a device or network, they will find a way to persist in the system by installing malware into the root file system of the computer. But as mobile phone manufacturers such as Apple and Google have strong security to block malware from the core operating system, this becomes more difficult, Ziring said.
“It is difficult for an attacker to go deep into this layer to gain persistence,” he said.
This encourages hackers to choose “in-memory payloads” that are more difficult to detect and to trace back to whoever sent them. Such hacks cannot survive a restart, but they often do not need to, because many people rarely turn off their phones.
“The opponent realizes that they don’t need to persevere,” Wardle said. “If they can extract and steal all your chat information, contacts, and passwords at once, then the game is almost over, right?”
There is currently a strong market for hacking tools that can break into mobile phones. Some companies, such as Zerodium and Crowdfense, publicly offer millions of dollars for zero-click exploits.
In recent years, there has been a surge in hacker-for-hire companies that sell mobile device hacking services to governments and law enforcement agencies. The most famous is the Israel-based NSO Group. Researchers say that its spyware has been used all over the world to hack into the phones of human rights activists, journalists and even Catholic clergy.
NSO Group was the focus of the recent disclosures by a media consortium, which reported that the company's spyware tool Pegasus was used in 37 cases of successful or attempted eavesdropping on the phones of corporate executives, human rights activists and others, according to the Washington Post.
The company was also sued in the United States by Facebook, which accused it of exploiting zero-click vulnerabilities to attack approximately 1,400 users of its encrypted messaging service WhatsApp.
NSO Group stated that it only sells its spyware to “censored government agencies” for use in combating terrorists and major criminals. The company did not respond to a request for comment.
The persistence of NSO spyware was once a selling point of the company. According to documents obtained by Vice News, a few years ago its subsidiary in the United States provided law enforcement agencies with a phone hacking tool that would survive even a factory reset of the phone.
But Marczak, who has closely followed NSO Group's activities for many years, said that the company appears to have first started using zero-click exploits that give up persistence around 2019.
He said that victims in the WhatsApp case would see an incoming call ring several times before the spyware was installed. In 2020, Marczak and Citizen Lab exposed another zero-click attack attributed to NSO Group, which targeted several journalists from Al Jazeera. In that case, the hackers used Apple's iMessage texting service.
“No target reported seeing anything on their screen. Therefore, it is completely invisible and does not require any user interaction,” Marczak said.
Marczak said that restarting the phone will not stop determined hackers who have such a powerful tool at their disposal. After a restart, they can simply send another zero-click exploit.
He said: “This is just a different model, it persists through reinfection.”
The NSA’s guidance also acknowledges that restarting the phone only works in certain situations. The agency’s mobile device guidelines have a simpler recommendation that can truly ensure that hackers will not secretly turn on your phone’s camera or microphone to record you: Don’t take it with you.