American spy agency’s top tip for avoiding a phone hack


The NSA has offered tips on how to avoid having a phone hack scandal of your own. Photo: TND
An American spy agency, best known for its widespread collection of phone data, has offered out its top security tip to avoid a phone hack: Just turn your device on and off again.
The National Security Agency, America’s domestic intelligence agency, recommends that users of iPhones and Android devices turn their phones on and off again at least once a week, alongside a host of other security measures.
The NSA said that threats to mobile devices are more prevalent and increasing in scope and complexity.
“Users of mobile devices desire to take full advantage of the features available on those devices,” the fact sheet said.
“Many of the features provide convenience and capability but sacrifice security.”
Some of the NSA’s other measures included being cautious of the personal data entered into applications and closing them when not in use.
“Update device software and applications as soon as possible,” the NSA said.
“Install only a minimal amount of applications and only ones from official application stores.”

The NSA is offering some helpful tips on securing mobile phone devices. Photo: NSA
Identifying a hack
There are several ways to identify if your phone has been hacked, according to computer security company Norton.
They range from high data usage because spyware and malware constantly run in the background, to persistent pop-ups and new apps appearing on the device.
Other signs that your device may have been compromised include the battery draining quickly and unrecognised outgoing calls.
Norton recommended that if a device has been hacked, the user should delete any suspicious apps, run anti-malware software, change passwords, reset the device and inform contacts to ignore suspicious messages.
Vectors of attack
Mobile phones have never been secure, but their ubiquitous use in modern life has made them a high-profile target.
The NSA itself was caught up in a data collection scandal, after whistleblower Edward Snowden revealed that the agency, in collaboration with the CIA and FBI, had collected telephone, internet and location data on millions of people.
New vectors of attack from software like Pegasus, developed by an Israeli company NGO group, allow attackers to remotely install spyware using a zero-click exploit, making the victim’s text messages, calls, passwords, location tracking, microphone access and camera available to the nefarious actor that deployed it.
It wasn’t until 2016 that the public became aware of the software, which had been deployed on dissident journalists and the world’s richest people.
Jeff Bezos, the founder of Amazon, was a victim of Pegasus when messages between him and Mohammed Bin Salman, the Crown Prince of Saudi Arabia, were exploited through a Whatsapp vulnerability.
Since then, other companies have developed and sold their own zero-click phone hacking software, while the FBI purchased a license for Pegasus for its own research and development.