WASHINGTON – The federal government on Friday warned the public about the risks of commercial surveillance tools used to spy on journalists and political dissidents by infecting their phones with malware.
The warning, published by the National Counterintelligence and Security Center, came after the actions of the Biden government in November against the NSO group, an Israeli surveillance company, and other companies that have developed malware. When placed on a target’s phone, the software provides access to almost all of the content on the device.
The administration has tried to make it harder for surveillance companies to get out of the business of developing commercial spyware that can be misused. US officials increasingly fear that the spyware can be placed on diplomats’ phones to learn government secrets and that authoritarian governments use it to track the work of journalists and political enemies.
The most insidious spyware can be installed on a phone without enticing a user to click on a malicious link. Such zero-click exploits are difficult to fend off, but the security center on Friday outlined steps that can reduce the risk, such as updating devices with the latest operating systems.
Last year, Apple has discovered spyware which allowed widespread access to equipment used by US diplomats in Uganda. The discovery was made public shortly after the Biden government took action against companies developing such software, including the NSO group.
NSO has long insisted that it select and screen its customers and reject many who would abuse the spyware. But tech firms and organizations defending political dissidents have challenged their track record.
The United States discovered in November that NSO’s software and operations were contrary to the interests of American foreign policy. The Ministry of Commerce the company on its “entity list,“Which forbids him to receive key US technologies.
The Biden government also took action against another Israeli company, Candiru, as well as against companies based in Russia and Singapore. They were not accused of hacking journalists or dissidents’ phones, but of providing them with the tools.
The warning from the National Counterintelligence and Security Center – which is tasked with warning the public of the dangers of espionage and is part of the office of the director of the National Intelligence Service – is intended to build on the actions of the Department of Commerce and raise awareness of the risks of spyware.
“While ordinary American citizens may not be the primary target, we were deeply concerned that certain governments were using commercial surveillance software in a manner that would pose a serious risk to the security and security of US personnel and systems, including targeting journalists and human rights defenders . “Or others who are perceived as critics of the regime around the world,” said Dean Boyd, a spokesman for the center.
Little can be done to prevent the most advanced spyware from being placed on a phone. But less mature software is still based on malicious links, which means that avoiding suspicious emails, attachments, and messages can prevent some attacks.
Some of the center’s recommendations, like turning off options that allow a phone to track its location or covering cameras, will be more difficult to follow as they interfere with the features that make smartphones useful.
However, other best practices included in the warning are relatively straightforward. The recommendations included restarting mobile devices regularly to remove or damage some types of malware residing in their memory rather than in memory.
What you should know about ransomware attacks
The center also recommended maintaining physical control of the devices and Use trusted virtual private networks.
“These steps, while reducing risks, do not eliminate them,” said the center. “It’s always safest to act like the device is compromised, so watch out for sensitive content.”
Christoph Hebeisen, director of security intelligence research at the anti-malware company Lookout, said that while phones have modern operating software with good security, many people are not aware of the vulnerabilities.
“People don’t know that their phones are essentially computers that are always connected to the internet and still open to attack,” he said.
Lookout investigated the NSO-developed Pegasus spyware to find out how it uses exploits to take over all functions of a phone.
People often use apps that send encrypted data over the internet; However, this information must be unencrypted on the phone and spyware like Pegasus can read it.
“Your device has the key,” said Mr. Hebeisen. “And at that point it becomes possible to get the data.”