Anyone with an iPhone or Android should turn their device on and off once a week, officials say — to protect it from hackers.
The goal is to thwart “zero-click” hacks, which involve downloading spyware to users’ phones without them clicking on a link.
The National Security Agency (NSA) supports a restart method that temporarily erases the massive store of information that runs continuously in the background—for example, in our applications or Internet browsers.
The NSA also warned that users should be careful when connecting to public WiFi networks and are advised to regularly update their phone’s software and apps.
Android and iPhone users have been instructed to restart their phones once a week and turn off WiFi and Bluetooth to avoid cyber security attacks. Criminals can use zero-click exploits to infect devices and collect data without the user having to click on a link or download a file.
The NSA document outlines many steps that all iPhone and Android users should take to mitigate the risk of cyber attack.
Restarting your phone is one of the lesser known methods.
Unlike other forms of malware, zero-click attacks require no interaction from the victim.
Hackers prey on software vulnerabilities and gain access to devices without tricking you into clicking a malicious link or downloading a malicious file.
If the system is not turned off and on, a cybercriminal can manipulate the open URLs and run code that installs malicious files on the device.
Turning your phone off and on again will close all apps and log you out of all bank and social media accounts, preventing hackers from accessing sensitive information.
The reboot method also has the same effect on spear-phishing attacks – when an attacker sends targeted phishing emails to steal sensitive information such as login credentials.
According to a 2015 Pew Research study, nearly half of smartphone owners said they rarely or never turned off their cell phone, while 82 percent said they never or rarely restarted their phone.
The NSA document also informed users that it is important to update software and apps frequently to keep your device secure.
Over time, hackers will find new ways to break into your system, but updating your old software will remove any potential bugs or loopholes they could have used to access your data.
The NSA recommended that people disable their Bluetooth when not in use because it reduces the chance of people gaining unauthorized access to their devices.
The NSA also recommended that people disable their Bluetooth when not in use, as it reduces the chance of people gaining unauthorized access to their devices.
The advice is not 100 percent effective, the NSA warned, but should provide partial protection against certain malicious activity.
“Threats to mobile devices are becoming more widespread and growing in scope and complexity,” the NSA warned, adding that some smartphone features “provide convenience and capabilities but sacrifice security.”
Users should also turn off their WiFi and remove unused networks that cybercriminals can use to target their phones.
When connecting to a WiFi network, it’s important to watch out for SSID Confusion Attacks, which trick users into connecting to their hotspot instead of an official WiFi device by using a similar network name.
A strong lock screen with a minimum six-digit PIN adds much-needed protection, combined with a feature that prompts the smartphone to wipe itself after 10 incorrect attempts.
She further warned that people should avoid opening email attachments or links from an unknown source, which could install malicious software without the person’s knowledge.
“Falling for social engineering tactics, such as responding to spam emails asking for sensitive information, can lead to account compromise and identity theft,” Oliver Page, CEO of cybersecurity firm Cybernut, told Forbes.
“These phishing attempts often impersonate legitimate entities and trick individuals into divulging confidential details.
The NSA warned that the advice is not 100 percent effective, but will provide at least partial protection against certain malicious activity
“Trusting phone calls or messages without verification can lead to serious consequences as fraudsters manipulate victims into divulging sensitive information or taking actions that compromise their safety.”
The Federal Communications Commission (FCC) has also strongly warned users against removing any security settings that could give cybercriminals an opportunity to break into the phone.
“Factory setting, jailbreaking, or rooting your phone undermines the built-in security features offered by your wireless service and smartphone while making it more vulnerable to attack,” the FCC warned.
According to Statista, 353 million people’s data was compromised in the US last year, including breaches, leaks and disclosures.
However, the last major zero-click exploit occurred in 2021, which targeted Apple’s iMessage app and used a vulnerability related to the way the app handled images.
The attack was capable to bypass Apple’s BlastDoor security feature, which was designed to prevent such attacks.
The tech giant has filed a lawsuit against NSO Group, an Israeli cyber intelligence firm best known for its proprietary zero-click Pegasus spyware.
Security researchers told Wired that the attack is “one of the most technically sophisticated exploits” they’ve ever seen.