The FBI has set off alarm bells among Android and iPhone users regarding text messaging. Just when the Steve Jobs-founded company’s adoption of RCS seemed to signal a return to messaging, a new obstacle is stopping it. And while messages from Android to Android and Apple to Apple, are secure, the exchange between the different companies is not. Therefore, they recommend caution.
Authorities’ concerns about Chinese cyberattacks
The FBI and CISA, the U.S. Cyber Defense Agency, began to disseminate a warning message to all its citizens. In this announcement, they advised all Americans to use encrypted messages and phone calls responsibly whenever possible. The current concern is the Chinese hacking of U.S. networks. It appears to be ongoing and is likely to be on a larger scale than originally thought. Also, encrypted communications become the best defense against such an attack, and everyone is urged to use them whenever possible.
Cyber attacks on the network, attributed to Salt Typhoon, a group associated with China’s Ministry of Public Security, have generated great concern. These attacks demonstrated vulnerabilities in critical U.S. communications networks. However, the truth is that without fully end-to-end encrypted messages and calls, there has always been the potential for content to be intercepted. For that reason, Apple, Google, Android and Meta recommend their use, highlighting the fact that even they cannot see the content, which led the FBI to do so as well.
The importance of Android and iPhone, according to the FBI
According to a senior FBI official, within investigative activity, especially one as significant and as large as this, the facts will evolve over time. “The ongoing investigation into the People’s Republic of China’s incursion into the Commercial Telecommunications Infrastructure has revealed a broad and significant cyber espionage campaign,” the official said. This has compromised the networks of multiple telecommunications companies to enable illegal activities.
The FBI official warned that citizens should use a cell phone that automatically receives updates from both Android and iPhone. In this framework, it would be most useful to have responsibly managed encryption and phishing-resistant MFA for email accounts, collaboration tools and social networks.
CISA’s Jeff Green: be very careful with text messages
According to information disseminated by Politico, Jeff Green of CISA expressed the importance of encrypted communications to secure networks. He also highlighted that the good thing about this whole situation is that the lack of security in basic SMS and RCS messages has been exposed. For him, it is extremely positive that millions of users are now informed about the risks and can make prudent decisions with this data in hand.
In the same vein, ESET’s Jack Moore says that it is well documented that SMS messages are not encrypted. This means that it can be under surveillance by anyone with the right tools and software knowledge, which is quite dangerous. That is why, like the FBI, he recommends Android and iPhone, which worked their encrypted communication.
What is known so far about the Salt Typhoon attacks?
Regarding what is known about the Salt Typhoon cyberattack, the official warned that call and text message metadata was stolen. However, extensive call and text message content was not stolen. “The actors compromised the private communications of a limited number of individuals who are primarily involved in government political activities. This would have included content from calls and text messages,” the FBI official asserted.
