If you are like most of the world these days you move through your day and your travels with a phone or other mobile device firmly in your pocket. And while we don’t think about it that much, your phone is constantly beaconing out to connect to things in the general area. Whether it is an open Wi-Fi network or the local cell network, it’s always trying to talk to something.
Normally this isn’t a problem, but in the real world it pays to be a little bit paranoid.
So when I see exploits like the one detailed here: https://arstechnica.com/gadgets/2020/12/iphone-zero-click-wi-fi-exploit-is-one-of-the-most-breathtaking-hacks-ever/, I sit up and take notice.
Let’s take a high-level look at the exploit above. If your iPhone is on the same local network as someone attempting to use the exploit, your phone can be completely owned by them. From access to all the photos on the phone, to all the messages, passwords, email, contacts, etc., hackers can gain full ownership of almost all the data on the phone, wirelessly, with no indication to you that anything happened. Scary, scary stuff.
Before you throw your iPhone in a blender, please take a deep breath and repeat after me. “The iPhone is the most secure phone on the general market. The iPhone is the most secure phone on the general market.” Because it is, and if you have updated your phone in the last 6 months your phone is already patched against this exploit.
So how do you protect your phone from hackers if it wasn’t patched? Well, there are a couple of key things to do as you go about your digital-first life:
- Be cyber situationally aware
- Keep your mobile device updated
- Use MFA or multi-factor authentication
- Think of using a Virtual Private Network (VPN)
Be Cyber Situationally Aware
As we already mentioned, your mobile device is constantly pinging out. Your mobile provider wants you and your social media/video addicted brain off its network, so it can run faster. So, by default, your mobile device is looking to join a local network. Unless you’re at home or at work and know you can trust your connected network, you really don’t want that to happen.
So how do you stop it? Disabling Auto Connect is a good start, but that can be a hassle for you when you’re at home or in a trusted environment. As a compromise, clean up your preferred networks under your mobile device’s wireless network setup. Be vigilant about it, and audit it every couple of weeks. Remove the SSIDs that you don’t remember or any that aren’t for your house or for your family’s or friends’.
If you are at the airport or the mall, or these days even the supermarket, watch for SSID notifications on your phone. Anything that is free or on an open network, just don’t do it. If you have to look a price up for comparison shopping on Amazon, don’t do it on the open Wi-Fi. Use your cell network. The only time I personally will join a free public Wi-Fi network is if there is absolutely no other way to get the data I am looking for.
If forced to join an open network, take a look at the name first and see if it looks respectable enough to be valid. Sometimes you can save yourself a headache if you learn to just avoid network names like “Black FBI Van Wi-Fi” or “Malware Zoo.”
Also, be aware of AirDrop, Bluetooth or other near-field connection technologies. Don’t allow or accept connections from anyone you aren’t directly looking at and who hasn’t told you they’re going to AirDrop you a contact (or a kitten photo).
Keep Your Mobile Device Updated
This is the most important and simple suggestion of them all. If your mobile device has an auto update feature that you can turn on in settings, use it. An out-of-date mobile device is a liability when on the move.
Use MFA or Multi-Factor Authentication
The second most important and simple suggestion. Your password is like your social security number. It should be considered compromised at all times. Our top two tips are to change your password on a regular basis and to not use the same password on multiple applications or websites. Most websites and mobile applications today offer MFA (Multi-Factor Authentication), where after you successfully log in with your username and password, you get a secondary challenge via a different medium, be it a security code via email, text message or an authenticator app. Facial recognition or some other biometric-based control are options you may see as well. Some also ask security validation questions about your past.
A quick note on those security validation questions. I would suggest having fun with your answers. Make them brain teasers a bit for yourself. Don’t use: “What’s your mother’s maiden name”, or “Where did you go to high school”, or “What is your eldest child’s first name?” All of those questions are easily answered for you via some online searches or after a review of social media posts. Try the harder questions or make up new answers for those questions that are technically wrong, but something you are going to remember.
Virtual Private Networks
When you make a wireless connection, your mobile device gets a local identifier for that network. Usually this is in the form of an IP address. These addresses aren’t unique across the world, but they are going to be unique in that local network. When you make a request from your device to the internet, an external IP address is used and a bridge is created by the network to make sure that the response from the internet to the external IP address is routed to your internal IP address.
This external IP address can be used to gather information about the request. It can provide information like:
- Where the user is (Geo-location)
- Which provider or ISP the user is on
- Specific request information: the logging of the request, where it was going, how long the connection was open, how much data was transferred
While the details above aren’t explicitly privacy issues, they can be combined with other data to make a pretty solid profile of your browsing tendencies and where you are.
VPNs, or virtual private networks, provide a layer of privacy between you, your mobile device and the internet. A local VPN creates an encrypted connection, or tunnel, between your device and a computer somewhere else in the world. All requests and network communications are sent through this tunnel. This provides several advantages for your privacy.
First, your external IP address is no longer an accurate identifier for where you are. Nor can your provider or ISP be correctly identified any longer. VPNs also mass connections to single servers, so your connections and browsing activity are mixed in amongst multiple other users at the same time.
Second, if you are on a shared local network, like one of those free Wi-Fi hotspots because you absolutely had to, your traffic is much harder to snoop. Because it’s encrypted from your mobile device to another computer via a tunnel, anyone capturing it on the local network sees only scrambled data. It can still be scooped and sniffed, but you’ve made the job exponentially harder for any hacker.
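To make the internal-to-external address "bridge" and the VPN's effect on it concrete, here is a small simulation, added as an illustration and not part of the original article. All addresses, the `NatGateway` class and the `seen_by` helper are constructed for the example; it models only who sees which address, not real encryption.

```python
from dataclasses import dataclass, field

# Constructed sample addresses (private and documentation ranges).
HOTSPOT_PUBLIC_IP = "203.0.113.10"  # external address of the Wi-Fi network
VPN_SERVER_IP = "198.51.100.7"      # hypothetical VPN endpoint
WEBSITE_IP = "192.0.2.80"           # hypothetical site being visited


@dataclass
class NatGateway:
    """Port-translating gateway: many internal devices share one external IP."""
    external_ip: str
    next_port: int = 40000
    table: dict = field(default_factory=dict)  # external port -> (internal ip, port)

    def outbound(self, src_ip, src_port, dst_ip):
        """Rewrite the source of an outgoing packet and remember the mapping."""
        ext_port = self.next_port
        self.next_port += 1
        self.table[ext_port] = (src_ip, src_port)
        return {"src": (self.external_ip, ext_port), "dst": dst_ip}

    def inbound(self, ext_port):
        """Find the internal device a reply belongs to (None = no mapping, dropped)."""
        return self.table.get(ext_port)


def seen_by(phone_ip, phone_port, use_vpn):
    """Report what each party can observe for one request from the phone."""
    nat = NatGateway(HOTSPOT_PUBLIC_IP)
    if use_vpn:
        # The outer packet is addressed to the VPN server; the real
        # destination travels inside the encrypted tunnel payload.
        outer = nat.outbound(phone_ip, phone_port, VPN_SERVER_IP)
        return {"local_network_sees_dst": outer["dst"],
                "vpn_provider_sees_src": outer["src"][0],
                "website_logs_src": VPN_SERVER_IP}
    pkt = nat.outbound(phone_ip, phone_port, WEBSITE_IP)
    return {"local_network_sees_dst": pkt["dst"],
            "vpn_provider_sees_src": None,
            "website_logs_src": pkt["src"][0]}


if __name__ == "__main__":
    for vpn in (False, True):
        print("VPN on " if vpn else "VPN off", seen_by("192.168.1.23", 51000, vpn))
```

Note that the VPN provider still sees the hotspot's external address, so the visibility moves from the local network and the website to the provider rather than disappearing.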
A side benefit to the VPN is changing your physical location for streaming services. Use YouTube TV and want to watch a local game that is blacked out in your area? Turn on your VPN application and point to a computer on the other side of the country. Want to watch that geolocation-locked show on Netflix? Connect to a computer in another country and stream away.
In our current world we are using our mobile devices more than ever for both our personal and business needs. From a business perspective this can be worrying based on the scale of mobile devices out there in the hands of a company’s employees. Employers should discuss these topics internally not just for the company’s security but for their employees’ as well.
Cyber situational awareness and defense is built off visibility. You can be aware of your surroundings and digital footprint, but for your company, it’s going to be a larger task.
Every defense is unique and Deepwatch provides the insights and process to assist you in understanding the best steps to take to protect your online identity. Offering endless resources, managed detection and response services, and vulnerability management, the Deepwatch team is your secret weapon for always staying one step ahead of a cyberthreat.
For more information on how to protect your business from hackers, contact Deepwatch today.