Sen. King is a member secretive Senate Intelligence Committee. Angus King is concerned about hackers. He said that he received some tips and advice from security personnel this year on how to keep his phone safe.
Step 1: Turn off your phone.
Step 2: Turn it on again
That’s all. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones.
It won’t stop the hackers or spy-for hire companies that have created chaos in our digital lives and are constantly rebooting phones. It can make it harder for even the most skilled hackers to access and steal data from phones.
“This is about imposing cost upon these malicious actors,” Neal Ziring, technical Director of the National Security Agency’s cybersecurity directorate, said.
The NSA issued a “best practices” guide for mobile device security last year in which it recommends rebooting a phone every week as a way to stop hacking.
King, a Maine independent, said that rebooting his phone has become a regular part of his daily routine.
He said, “I would say probably once per week, whenever it occurs to me.”
Smartphones are almost always within arm’s reach and can hold a lot of sensitive and personal data. Hackers have made them top targets to steal texts, photos, contacts, and text messages. They also track the location and secretly turn on video and microphones.
Patrick Wardle, a former NSA researcher and security expert, said that phones are like our digital soul.
Although it is not known how many people have their phones hacked every year, evidence suggests that it is significant. A recent investigation into phone hacking by a global media consortium has caused political uproars in France, India, Hungary and elsewhere after researchers found scores of journalists, human rights activists and politicians on a leaked list of what were believed to be potential targets of an Israeli hacker-for-hire company.
Recommendations to reboot phones regularly reflect a shift in the way hackers gain access to mobile devices. There are also “zero-click” exploits, which work without user interaction and don’t require any user interaction.
“There has been an evolution away from having targets click on dodgy links,” stated Bill Marczak (a senior researcher at Citizen Lab), an internet civil rights watchdog at University of Toronto.
Hackers typically look for ways to persist in a system once they gain access to it or a network. They do this by installing malicious software to the root file system. Ziring stated that this is becoming more difficult because phone manufacturers like Apple and Google have strong security measures to prevent malware from reaching core operating systems.
He said, “It is very difficult for an attacker that burrows into that layer to gain persistence.”
Hackers are encouraged to use “in-memory” payloads that are more difficult to trace back to the sender. These hacks won’t survive a reboot but are often not necessary since most people don’t turn off their phones.
Wardle stated that “Adversaries realized they don’t have to persist.” It’s not impossible for them to pull off a single pull and steal all your chat messages, contacts, and passwords.
There is a strong market for hacking tools that allow you to break into smartphones. Crowdfence and Zerodium offer zero-click exploits for millions of dollars.
Hacker-for-hire firms that provide mobile-device hacking services have exploded in recent years. NSO Group in Israel is the most well-known. Its spyware researchers claim that it has been used all over the world to hack into phones of journalists, human rights activists, and members of the Catholic clergy.
NSO Group was the subject of recent exposes by a media group that reported that the spyware tool Pegasus had been used in 37 successful or attempted phone hacks against business executives and human rights activists, according to The Washington Post.
Facebook is also suing the company in the U.S. for allegedly targeting 1,400 WhatsApp users with a zero click exploit.
NSO Group stated that it sells its spyware only to “vetted government agency” for use against terrorists or major criminals. The company didn’t respond to our request for comment.
NSO’s persistent spyware was once a major selling point for the company. Vice News documents reveal that the U.S.-based subsidy provided law enforcement agencies with a phone hacking tool that could survive even a factory reset.
Marczak, who has been following NSO Group’s activists for many years, stated that it appears like NSO Group first started using zero-click exploits to forgo persistence in 2019.
He stated that victims of the WhatsApp case would receive an incoming call for just a few rings before spyware was installed. Marczak and Citizen Lab revealed another zero-click hack in 2020 that was attributed to NSO Group. It targeted journalists at Al Jazeera. The hackers used Apple’s iMessage messaging service in that instance.
“There was nothing that targets reported seeing on their screens. Marczak stated that the target was completely invisible and did not require any interaction from users.
Marczak stated that rebooting your phone won’t stop hackers determined to hack it, despite having such a powerful tool at his disposal. They could send another zero-click after you have rebooted.
He said, “It’s kind of just another model, it’s persistence via reinfection.”
In addition, the NSA guide acknowledges that sometimes rebooting a phone does not work. To make sure hackers don’t steal your phone’s camera and microphone, the NSA’s mobile device guide has a simple piece of advice: Don’t take it with you.
