As a member of the secretive Senate Intelligence Committee, Sen. Angus King has reason to worry about hackers. At a briefing by security staff this year, he said he got some advice on how to help keep his cellphone secure.
Step One: Turn off phone.
Step Two: Turn it back on.
That's it. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones.
Regularly rebooting phones won't stop the army of cybercriminals or spy-for-hire firms that have sowed chaos and doubt about the ability to keep any information safe and private in our digital lives. But it can make even the most sophisticated hackers work harder to maintain access and steal data from a phone.
"This is all about imposing cost on these malicious actors," said Neal Ziring, technical director of the National Security Agency's cybersecurity directorate.
The NSA issued a "best practices" guide for mobile device security last year in which it recommends rebooting a phone every week as a way to stop hacking.
King, an independent from Maine says rebooting his phone is now part of his routine.
"I'd say probably once a week, whenever I think of it," he said.
Almost always in arm's reach, rarely turned off and holding huge stores of personal and sensitive data, cellphones have become top targets for hackers looking to steal text messages, contacts and photos, as well as track users' locations and even secretly turn on their video and microphones.
"I always think of phones as like our digital soul," said Patrick Wardle, a security expert and former NSA researcher.
The number of people whose phones are hacked each year is unknowable, but evidence suggests it's significant. A recent investigation into phone hacking by a global media consortium has caused political uproars in France, India, Hungary and elsewhere after researchers found scores of journalists, human rights activists and politicians on a leaked list of what were believed to be potential targets of an Israeli hacker-for-hire company.
The advice to periodically reboot a phone reflects, in part, a change in how top hackers are gaining access to mobile devices and the rise of so-called "zero-click" exploits that work without any user interaction instead of trying to get users to open something that's secretly infected.
"There's been this evolution away from having a target click on a dodgy link," said Bill Marczak, a senior researcher at Citizen Lab an internet civil rights watchdog at the University of Toronto.
Typically, once hackers gain access to a device or network, they look for ways to persist in the system by installing malicious software to a computer's root file system. But that’s become more difficult as phone manufacturers such as Apple and Google have strong security to block malware from core operating systems, Ziring said.
"It's very difficult for an attacker to burrow into that layer in order to gain persistence," he said.
That encourages hackers to opt for "in-memory payloads" that are harder to detect and trace back to whoever sent them. Such hacks can’t survive a reboot, but often don’t need to since many people rarely turn their phones off.
"Adversaries came to the realization they don't need to persist," Wardle said. "If they could do a one-time pull and exfiltrate all your chat messages and your contact and your passwords, it's almost game over anyways, right?"
A robust market currently exists for hacking tools that can break into phones. Some companies like Zerodium and Crowdfence publicly offer millions of dollars for zero-click exploits.
And hacker-for-hire companies that sell mobile-device hacking services to governments and law enforcement agencies have proliferated in recent years. The most well known is the Israeli-based NSO Group whose spyware researchers say has been used around the world to break into the phones of human rights activists, journalists, and even members of the Catholic clergy.
NSO Group is the focus of the recent exposés by a media consortium that reported the company's spyware tool Pegasus was used in 37 instances of successful or attempted phone hacks of business executives, human rights activists and others, according to The Washington Post.
The company is also being sued in the U.S. by Facebook for allegedly targeting some 1,400 users of its encrypted messaging service WhatsApp with a zero-click exploit.
NSO Group has said it only sells its spyware to "vetted government agencies" for use against terrorists and major criminals. The company did not respond to a request for comment.
The persistence of NSO’s spyware used to be a selling point of the company. Several years ago its U.S.-based subsidy pitched law enforcement agencies a phone hacking tool that would survive even a factory reset of a phone, according to documents obtained by Vice News.
But Marczak, who has tracked NSO Group's activists closely for years, said it looks like the company first starting using zero-click exploits that forgo persistence around 2019.
He said victims in the WhatsApp case would see an incoming call for a few rings before the spyware was installed. In 2020, Marczak and Citizen Lab exposed another zero-click hack attributed to NSO Group that targeted several journalists at Al Jazeera. In that case, the hackers used Apple's iMessage texting service.
"There was nothing that any of the targets reported seeing on their screen. So that one was both completely invisible as well as not requiring any user interaction," Marczak said.
With such a powerful tool at their disposal, Marczak said rebooting your phone won't do much to stop determined hackers. Once you reboot, they could simply send another zero-click.
"It's sort of just a different model, it's persistence through reinfection," he said.
The NSA's guide also acknowledges that rebooting a phone works only sometimes. The agency's guide for mobile devices has an even simpler piece of advice to really make sure hackers aren't secretly turning on your phone's camera or microphone to record you: don't carry it with you.
- Britain, Holland and US spearhead fightback against Putin's cyber war as they reveal how Moscow's web of hackers hit high-profile targets across the globe - including chemical weapons watchdog probing Salisbury attack
- Leaving Bluetooth on lets thieves pinpoint EXACTLY where you left your phone, police warn
- The Quickest Ways to Turn Your Screen Off in Windows
- Microsoft Band 2.0: Big steps forward mean you just might ditch your trainer
- Turn-based tactics won the decade
- Here are 6 new things your next Android phone could do
- Spying fears over Huawei 50x super-zoom feature that turns your phone into ‘portable telescope’
- Stop phubbing: 5 places, situations where it is absolutely rude to use your phone
- Trainer behind Margot Robbie's incredible figure reveals the NINE steps to a Hollywood body - and the diet plan he swears by for rippling abs
- How to Turn Off Mail Notifications in Windows 10
- 6 simple ways to stop advertisers from following you online
- How to Turn an Android Phone Into a Dumbphone in 8 Steps
- You’re not paranoid. Your phone really is listening in.
- Keep robocalls from pestering your phone. Here's what you can do
- How to back up your iPhone without missing these tricky steps
- 10 Simple Tricks to Boost Your Smartphone Photography
- What Is Samsung DeX? Use It to Turn Your Phone Into a Computer
- Why nation-state hacking groups are increasingly turning to mobile malware
- A new hack can turn an Echo into a live microphone
- This WhatsApp bug could allow hackers to crash the app and delete group chats forever
|Metra Chrysler CAN Amp Turn-On Adapter (check at Amazon)||4.2|
|Just Walk Across the Room Video Study: Four Sessions on Simple Steps Pointing People to Faith $18.95 (check at Amazon)||4.3|
|Just Walk Across the Room: Four Sessions on Simple Steps Pointing People to Faith (check at Amazon)||0.0|
|Celebright LED Bracelets - New - Flashing, Glowing, for Parties and Birthdays - Bracelet Multi-color Pack - Turn On and Off (check at Amazon)||4.9|
|International Playthings Calico Critters Cloverleaf Corners Town House with Turn On/Off Lights (check at Amazon)||0.0|
|Earthquake Sound PS100 Car Stereo & Amplifier Turn On/Off Thump Pop Stopper Amp (check at Amazon)||0.0|
|GERI® DC 12V Delay Relay Delay Turn On / Turn Off Switch Module with Timer (check at Amazon)||0.0|
|AXXESS CHTO-03 - Turn-On Interfaces - 07-UP CHRYSLER/DODGE/JEEP CAN AMP TURN-ON (check at Amazon)||0.0|
|3' 120V 5-Outlet USB Controlled Surge Protector - Easily Turn On/Off Your AC Devices Through Your PC's Power Button! (check at Amazon)||0.0|
|Furman POWERPORT Remote Power Controller, 20 Amp, Adjustable Turn-on and Turn-off Delays of Outlets (check at Amazon)||0.0|
|Wifi Turn On, Wifi Turn Off (check at Amazon)||0.0|
|Bluetooth Turn Off, Turn On (check at Amazon)||0.0|
|General Electric 24-hour Mechanical Timer - Automatically Turns On/off Electrical Items by GE (check at Amazon)||0.0|
|IT Crowd "Have you tried turning it off and on?" 1- 16oz Black Ceramic Coffee Mug - Microwave and dishwasher safe - (check at Amazon)||0.0|
|Onite Rechargeable USB LED Camping Candles, Bedroom Table Lamp, Blow Light with Turn On / Off by Airflow Sensors (Blue) (check at Amazon)||0.0|
|Generic ALS-12/2269 Automatic Light Control Sensors Turn On at Dusk Off at Dawn, 2 Pack (check at Amazon)||0.0|
|The Clapper - 110v Two Claps, and You Can Turn on a Lamp. (check at Amazon)||0.0|
|HARRY POTTER DUMBLEDORE HAPPINESS CAN BE FOUND TURN ON THE LIGHT VINYL WALL DECAL HOME DECOR QUOTE (check at Amazon)||0.0|
|Xodus Innovations BL200 In Cabinet LED Battery Light Automatically Turns On/Off when Door Opens/Closes (check at Amazon)||0.0|
|2 Pack Lamp Sensor Automatic Light Holder Sockets, Photo Cell Sensors Auto Turn On At Dusk Off at Dawn 2 Pack (check at Amazon)||0.0|
|Indoor/Outdoor Light Sensor for both Incandescent and Fluorescent Lights! Turns on at dusk and off 6 Hours Later (check at Amazon)||0.0|
|Flip Alarm Clock - Turn ON and OFF the Alarm By Simply Flipping the Clock (check at Amazon)||0.0|
|Harry Potter... Happiness can be found, even in the darkest of times, if one only remembers to turn on the light (check at Amazon)||0.0|
|Daffodil LEC006R - 6 Red LED Tealights - Set of Flameless Candles with Holders - Blow to Turn On and Off (check at Amazon)||0.0|
|Orvibo Wi-Fi Smart Socket Outlet US Plug, Turn ON/OFF Electronics from Anywhere, White (HomeMate-S25) (check at Amazon)||0.0|
|GEREE DC 12V delay relay Turn on / Turn off switch module with timer up to 1 hour (check at Amazon)||0.0|
|GEREE DC 12V timer relay module Turn on / Turn off relay module with reset , Attracting and disconnect delay relay up to 1 hour (check at Amazon)||0.0|
|Just Walk Across the Room Participant's Guide with DVD: Four Sessions on Simple Steps Pointing People to Faith (check at Amazon)||0.0|
|Mama Needs a Do-Over: Simple Steps to Turning a Hard Day Around (check at Amazon)||0.0|
|The Cat Who Turned On and Off (check at Amazon)||0.0|
|The Cat Who...Could Read Backwards/Ate Danish Modern/Turned On and Off (Three Novels Complete and Unabridged) (check at Amazon)||0.0|
|Turn On the Light So I Can Hear (check at Amazon)||0.0|
|The Rich Switch - The Simple 3-Step System to Turn on Instant Wealth Using the Law of Attraction (check at Amazon)||0.0|
|Passion, Plan, Profit: 12 Simple Steps to Turn Your Passion into a Solid Business (check at Amazon)||0.0|
|Three Complete Novels: The Cat Who Could Read Backwards / The Cat Who Ate Danish Modern / The Cat Who Turned On and Off (check at Amazon)||0.0|
|Low-Fat Living: Turn Off the Fat-Makers Turn on the Fat-Burners for Longevity Energy Weight Loss Freedom from Disease (check at Amazon)||0.0|
|Just Do It: How One Couple Turned Off the TV and Turned On Their Sex Lives for 101 Days (No Excuses!) (check at Amazon)||0.0|
|Just Walk Across the Room Participant's Guide: Four Sessions on Simple Steps Pointing People to Faith (Zondervangroupware) (check at Amazon)||0.0|
|Just Walk Across the Room Updated Curriculum Kit: Four Sessions on Simple Steps Pointing People to Faith (check at Amazon)||0.0|
|The Cat Who Turned On and Off (Jim Qwilleran Feline Whodunnit) (check at Amazon)||0.0|
|Trains Make U-turns: 5 Simple Steps to Get Your Life on Track (check at Amazon)||0.0|
|THREE NOVELS, COMPLETE AND UNABRIDGED, THE CAT WHO COULD READ BACKWARDS, ATE DANISH MODERN, TURNED ON AND OFF (check at Amazon)||0.0|
|U Turn Your Life: 5 Simple Steps to Achieve Success - Starting Now! (check at Amazon)||0.0|
|Attention Difference Disorder: How to Turn Your ADHD Child or Teen's Differences into Strengths in 7 Simple Steps (check at Amazon)||0.0|
|Step Back Science - Turn on the Faucet (check at Amazon)||0.0|
|Have It All: Turn your thinking around and find success in 6 simple steps (check at Amazon)||0.0|
|Low-Fat Living: Turn off the Fat-Makers, Turn on the Fat-Burners for Longevity, Energy, Weight Loss, Freedom from Disease (check at Amazon)||0.0|
|Turn on the Lights: (So You Can See) (check at Amazon)||0.0|
|Just Walk Across the Room: Four Sessions on Simple Steps Pointing People to Faith [JUST WALK ACROSS THE R] (check at Amazon)||0.0|
|Raising Generation Xxl: The Scoop On Simple Steps To Transform Your Kids From Fat To Fit. (check at Amazon)||0.0|
Turn off, turn on: Simple step can thwart top phone hackers have 2284 words, post on www.independent.co.uk at July 28, 2021. This is cached page on USA Breaking News. If you want remove this page, please contact us.