CISA Releases Best Practices Guide to Protect Mobile Communications from Cyber Threats

The Cybersecurity and Infrastructure Security Agency (CISA) has issued updated guidance to mitigate the risks of cyber espionage targeted at mobile communications. This document responds to identified cyber espionage activities linked to state-affiliated actors of the People’s Republic of China (PRC) that have compromised commercial telecommunications infrastructure in the United States.

Purpose of the Guidance

The guidance is specifically aimed at highly exposed individuals, such as senior government officials and politicians, who may be attractive targets for these malicious actors. The guidance promotes measures that enhance the protection of sensitive communications, offering practical solutions to mitigate risks in an increasingly sophisticated digital threat environment.

General Recommendations

Among the main actions recommended by CISA are:

1. Use end-to-end encrypted communications: Applications like Signal, compatible with both iPhone and Android, are recommended, as they support group chats and secure calls. Additionally, these tools offer self-destructing messages and file functions for greater privacy.
2. Strong authentication with FIDO: Hardware-based authentication, such as Yubico or Google Titan security keys, offers resistance to phishing techniques and exceeds the limitations of traditional authentication methods.
3. Avoid SMS as an authentication method: Since SMS messages are vulnerable to interception, CISA urges a shift towards more secure authenticator applications, such as Google Authenticator or Authy.
4. Use password managers: Tools like LastPass or 1Password help manage strong, unique passwords, reducing the likelihood of unauthorized access.
5. Set up a PIN for telecommunications accounts: This measure protects against SIM swapping techniques used to take control of phone numbers.

Specific Measures for iPhone and Android

The guidance details specific recommendations based on the mobile device’s operating system:

• For iPhone:
  • Activate Lockdown mode to limit vulnerable functions and applications.
  • Use services like iCloud Private Relay to protect web browsing traffic in Safari.
  • Disable SMS messaging as a fallback for iMessage.
• For Android:
  • Select models with a proven track record of regular security updates.
  • Configure DNSDNS (Domain Name System) is a system for domain name… settings to private options in trusted applications like Cloudflare or Quad9.
  • Enable enhanced protection features in Google Chrome and Play Protect.

The Importance of Software Updates

CISA emphasizes the necessity of keeping devices and applications updated by checking for security patch installations weekly. Furthermore, it recommends opting for recent hardware models that incorporate advanced protection features.

A Call to Action

CISA stresses that no solution is completely foolproof, but implementing these practices significantly reduces the risks of cyberattacks. It also encourages reporting related incidents through its hotline and online platform, providing details to facilitate response efforts.

In a context where cyber threats are rapidly evolving, CISA’s guidance is a reminder that security in mobile communications requires a proactive approach. These recommendations not only protect the most exposed individuals but also reinforce collective resilience against malicious actors.

via: CISA