WASHINGTON – The federal government on Friday warned the public about the dangers of commercial surveillance tools being used to spy on journalists and political dissidents by infecting their phones with malware.
The warning, issued by the National Counter Intelligence and Security Center, comes after the Biden administration took action in November against the NSO Group, an Israeli surveillance company and other companies developing malware. When placed on the target phone, the software gives access to almost all the content on the device.
The administration is trying to make it more difficult for surveillance companies to manage so they can be pushed out of the business of developing commercial spyware that could be abused. U.S. officials are increasingly concerned that spyware could be placed on diplomats’ phones to reveal government secrets, and that dictatorial governments are using it to monitor the work of journalists and political enemies.
The most deceptive spyware can be placed on a phone without deceiving the user by clicking on a malicious link. It’s hard to defend against such zero-click exploitation, but the safety center on Friday Outlined measures that can reduce the risk, Such as updating devices with the latest operating systems.
Last year, Apple discovered spyware that gives broad access to devices used by US diplomats in Uganda. The discovery was made after the Biden administration took action against companies developing such software, including the NSO Group.
The NSO has long insisted that it selects and investigates its customers, eliminating many who would abuse spyware. But technology companies and organizations defending political dissidents have questioned its track record.
The United States learned in November that the NSO’s software and operations were at odds with American foreign policy interests. The Commerce Department has placed the firm on its “entity list”, barring it from acquiring key US technologies.
The Biden administration also took action against other Israeli firms, Candiru, as well as companies based in Russia and Singapore. He was not charged with hacking the phones of journalists or dissidents but providing equipment to customers.
The warning issued by the National Counter Intelligence and Security Center – which is accused of alerting the public to the dangers of espionage and is part of the Office of the Director of National Intelligence – aims to raise awareness of the dangers posed by spyware.
“While everyday American citizens may not be primary targets, we are deeply concerned that some governments are using commercial surveillance software in a way that poses a serious adversity and security risk to US personnel and systems, as well as journalists and human rights activists.” To make a mark. Or others are seen around the world as critics of the regime, “said Dean Boyd, for the Center.
Very little can be done to prevent the most advanced spyware from being placed on the phone. But less sophisticated software still relies on malicious links, meaning some attacks can be prevented by avoiding suspicious emails, attachments and messages.
Some of the center’s recommendations, such as disabling options that allow the phone to track its location or cover the camera, will be more difficult to follow because it interferes with the functionality of the smartphone.
But the other best practices contained in the warning are relatively simple. Recommendations include regularly restarting mobile devices to remove or damage certain types of malware that remain in their memory instead of storage.
What to know about ransomware attacks
The center also recommends maintaining physical control of devices and using a trusted virtual private network.
“While these measures reduce risks, they do not eliminate them,” the center said. “It’s always safe to behave as if the device has been tampered with, so beware of sensitive content.”
Christophe Habisen, director of security intelligence research at the anti-malware firm Lookout, said that while phones have advanced operating software with good security, many people are unaware of the vulnerabilities.
“People don’t realize that their phones are essentially computers that are always connected to the Internet and can be attacked in the same way,” he said.
Lookout has studied the Pegasus spyware developed by NSO on how it uses exploits to capture all the functions of the phone.
People frequently use apps that send encrypted data over the Internet; But that information must be unencrypted on the phone, and spyware like Pegasus can read it.
“Your device has a key,” Mr. Said Habisen. “And at that point, it becomes possible to get the data.”