From 2013 to 2015, new mobile vulnerabilities increased from 127 to 528, or about 214%, according to Symantec’s 2016 Internet Security Threat Report.
And some of the vulnerabilities are downright terrifying.
A recent 60 Minutes report recently highlighted one particular exploit that gives hackers access to your phone call and messages by just having your phone number.
So how can you protect yourself?
We asked Dr. Anup Ghosh, CEO of the security firm Invincea, for some tips on how consumers can keep their smartphones safe from cyber criminals.
Ghosh, who is also a former DARPA scientist, told Tech Insider there are three simple things you can do to help protect your smartphone from hackers.
- Use encrypted messaging services for communications
As the 60 Minutes report pointed out, there is a vulnerability in a network protocol called SS7 that makes it possible for hackers to listen to your phone calls, read your messages, and even track your location.
While this kind of attack is rare, it’s harder to protect yourself from because the security flaw exists in the network, which is outside of your control.
However, you can use encrypted messaging systems like Apple’s iMessage, Facebook Messenger, or Wickr Me to help keep your information away from prying eyes.
“There are also apps for secure voice, but they typically require the person you are calling to be on the same app. They will encrypt the data/phone calls making it difficult to capture and analyze,” Ghosh said.
Some of these services include Silent Circle and Open Whisper Systems.
- Even if your phone is new, make sure the OS is updated
You should always keep your phone’s operating system updated so hackers can’t take advantage of any vulnerabilities in old software.
But you should also check to make sure software on any new mobile device, especially those that have an Android operating system, are up-to-date, as well.
“You see this a lot more on Android than on Apple, the Android operating system that you get from your carrier on your phone tends to be out of date on day one, sometimes by years,” Ghosh said.
“So that means that adversaries could take advantage of those vulnerabilities on those devices to be able to exploit them. Making sure your device OS whether iOS or Android is updated to the most recently supported version could help close some of those known vulnerabilities.”
- Be careful what apps you download
Apps you download can collect all kinds of information about you, so it’s important that you are only downloading apps from reputable sources, Ghosh said.
“If you look at how do these devices get compromised in the first place, it’s almost always untrusted content that you are putting on it,” Ghosh said. “Some apps collect your movements, like your GPS, others mine your contacts for information, and then others might actually do malicious things to your device itself. So I would say the number one thing you can do as an individual is make sure you’re only downloading apps from an app store where the app has been vetted.”
In fact, Symantec analyzed 10.8 million apps in 2015 and found that 3.3 million of those apps classified as malicious.
Because Apple has a closed ecosystem and vets all of the apps before allowing them into its App Store, apps for iPhones tend to be more secure, he said. So Android users need to be especially aware of where they are getting their apps and they should always make sure the maker is a trusted company.
Source: Tech Insider