CISA & UK NCSC Issue Urgent Warnings: Secure iPhones & Androids Against Rising Cyber Threats
WASHINGTON D.C.- In response to a surge in sophisticated cyberattacks targeting mobile devices, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.K.’s National Cyber Security Center (NCSC) are urging iPhone and Android users to instantly bolster their device security. The warnings come as hackers increasingly target smartphones – valuable repositories of sensitive personal and professional data - including banking facts, social media accounts, work emails, and private communications.
According to CISA, individuals in high-risk roles - journalists, political workers, military members, and government employees – are particularly vulnerable. However,the agency stresses that ordinary users can also be affected as collateral damage,making proactive security measures crucial for everyone.
“Securing your phone is a smart decision for everyone,” CISA states,highlighting the growing threat landscape.
Securing Your iPhone: CISA Recommendations
CISA recommends the following steps for iPhone users to enhance their security:
* Enable Lockdown Mode: This feature significantly reduces the attack surface by limiting app functionality,website access,and overall device capabilities,mitigating the risk of spyware.
* Disable “Send as SMS”: This prevents the transmission of unencrypted text messages when iMessage is unavailable, protecting message content.
* Utilize iCloud Private Relay: This service obscures internet activity,specifically DNS queries,from potential attackers.
* Review App Permissions: Users should meticulously examine and remove unneeded permissions granted to apps, particularly access to the camera, microphone, and location.
Android Security: Key Steps for Users
Android users are advised to take the following precautions:
* Prioritize Devices with Long-Term Security Support: Selecting brands known for consistent updates and robust hardware-level security is paramount.
* Employ Encrypted RCS Messaging: ensure end-to-end encryption is activated for RCS messaging.
* Configure Private DNS: Utilizing trusted DNS services such as 1.1.1.1, 8.8.8.8, or 9.9.9.9 can enhance privacy.
* Enable Secure Connections in Chrome: Activate “always use secure connections” and “enhanced protection” within the Chrome browser.
* Maintain google Play Protect: Keep Google’s built-in malware detection system, Play Protect, enabled.
* Manage App Permissions: Regularly review and revoke unnecessary app permissions, mirroring the iPhone proposal.
UK NCSC Reinforces Best Practices
The U.K.’s NCSC echoes these recommendations, adding further advice including the use of strong screen locks, enabling device tracking features, and consistently updating both the phone’s operating system and installed applications. The NCSC also cautions against connecting to unknown Wi-Fi networks, advising the use of mobile data as a safer choice when security is a concern, despite the generally low risk posed by encrypted websites.
Both CISA and the NCSC emphasize that in the face of rapidly evolving cyber threats, a secure smartphone is no longer a luxury, but a necessity. Taking a few minutes to adjust security settings can significantly protect personal privacy and sensitive information.
