Concerns about the security risks of mobile messaging are increasing with concerns over the security of messaging between platforms like iPhone and Android have significantly increased. At the same time, Apple has launched its own RCS messaging system that will compete with WhatsApp and other messaging platforms. US authorities are telling the public to adopt fully encrypted communication services to protect against growing cyber threats. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have published a warning after several wide-ranging cyber-attacks attributed to the Chinese nation-sate hackers known as Salt Typhoon.[1]
See: https://redskyalliance.org/xindustry/are-you-talking-on-a-party-line
These attacks have highlighted critical vulnerabilities within US communication networks, highlighting the risk of intercepted communications when using standard text messaging. CISA's advice coincides with recommendations from Apple, Google, and Meta, who advocate for encrypted services precisely because they render intercepted messages unreadable to outside parties,
CISA and the FBI emphasize that encryption should be the default for all personal and professional communications, with the aim that encryption ensures that even if messages are intercepted, they remain unreadable. They specifically advised against using traditional SMS or RCS messaging due to the security gaps in cross-platform encryption. SaltWhile encryption is available within Android-to-Android messaging, cross-platform messaging remains unencrypted, leaving a critical vulnerability for users of different devices.
Despite discussions between Google and the Global System for Mobile Communications organization about improving RCS security, a timescale for end-to-end encryption across different platforms has yet to be agreed. Increasing cyber-attacks on political figures and other high-profile individuals illustrate the need for secure encrypted communications to protect against data breaches and intrusions on privacy.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://www.cybersecurityintelligence.com/blog/fbi-and-cisa-advice---use-encrypted-messaging--8122.html
Comments