How to protect your CEO from smartphone cyber attacks
"We have been recommending that executives and other high-value travelers like researchers and diplomats use hardened Android devices while traveling through regions where the mobile network operators should be considered hostile actors.
"This is due to the fact that iOS relies on a single-point-of-failure security model and has not allowed users to select which encryption roots their device trusts. With Android, Google has at least allowed users the option to de-trust the surveillance certificates that are injected into Android devices. iOS has no such capability, requiring users to jailbreak their device to de-trust surveillance roots in a similar fashion. This is especially concerning due to the number of authoritarian regimes that Apple has collaborated with to allow surveillance on all iOS devices."
To reduce the risk, "we are in the process of designing communications filtering technology that essentially removes direct-to-executive communications from mobile phones, with all publicly-attributable numbers associated with executives on a protected virtual communications platform, and an obfuscated number on the actual handset that they carry. This essentially creates a mobile firewall to allow inspection of all files before they get to the executive's phone. This is expensive and operationally intensive now, but we hope to make it easier over time."
"First is social engineering, which is on the rise and can enable a criminal to circumvent even the most stringent security measures with the help of their unwitting target. Make sure you educate your C-level staff about these types of attacks and give them clear escalation channels for checking and reporting potential attacks."
"Second, in addition to reducing the risk of a hack, operate on the assumption that devices, particularly those belonging to high-level targets, will inevitably be compromised. With that in mind, consider how to mitigate that eventuality: What policies and measures can you put in place to minimize the amount of confidential information on the device at any given time? How do you ensure that compromising a single device isn't sufficient to access the most sensitive data and infrastructure? What level of monitoring prevents hacked devices from staying hacked for too long?"
"Don't open suspicious files. Certainly do not install apps from a source other than the main app store or another safe location. If you have IT or security staff that handle these incidents, you should ask them what policy to follow. These things are a bare minimum to try to stop an attacker from running malicious software on your device."
What to do if a phone has been compromised?
"First, they should isolate their device so that the hacker cannot communicate with it -- this can mean turning it off, taking out the battery if removable, ejecting the SIM card, or even putting it in a Faraday bag. Second, they should change the credentials on any accounts that could have been compromised through the device and end any active sessions. Third, they should alert their IT department and turn over the device for inspection."
"Cybersecurity has always been about risk management, as we recognize that it's impossible to eliminate risks altogether short of living completely off the grid. The hacking of Jeff Bezos' phone underlines this principle that there is always some degree of risk -- and reminds us that we must take proactive measures to protect ourselves."