Turn off, turn on: Simple step can thwart top phone hackers

Jul 27, 2021, 10:33 AM | Updated: Jul 28, 2021, 1:15 pm
FILE - In this Feb. 17, 2016, file photo an iPhone is seen in Washington. At a time of widespread d...

FILE - In this Feb. 17, 2016, file photo an iPhone is seen in Washington. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones. (AP Photo/Carolyn Kaster, File)

(AP Photo/Carolyn Kaster, File)

RICHMOND, Va. (AP) — As a member of the secretive Senate Intelligence Committee, Sen. Angus King has reason to worry about hackers. At a briefing by security staff this year, he said he got some advice on how to help keep his cellphone secure.

Step One: Turn off phone.

Step Two: Turn it back on.

That’s it. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones.

Regularly rebooting phones won’t stop the army of cybercriminals or spy-for-hire firms that have sowed chaos and doubt about the ability to keep any information safe and private in our digital lives. But it can make even the most sophisticated hackers work harder to maintain access and steal data from a phone.

“This is all about imposing cost on these malicious actors,” said Neal Ziring, technical director of the National Security Agency’s cybersecurity directorate.

The NSA issued a “best practices” guide for mobile device security last year in which it recommends rebooting a phone every week as a way to stop hacking.

King, an independent from Maine, says rebooting his phone is now part of his routine.

“I’d say probably once a week, whenever I think of it,” he said.

Almost always in arm’s reach, rarely turned off and holding huge stores of personal and sensitive data, cellphones have become top targets for hackers looking to steal text messages, contacts and photos, as well as track users’ locations and even secretly turn on their video and microphones.

“I always think of phones as like our digital soul,” said Patrick Wardle, a security expert and former NSA researcher.

The number of people whose phones are hacked each year is unknowable, but evidence suggests it’s significant. A recent investigation into phone hacking by a global media consortium has caused political uproars in France, India, Hungary and elsewhere after researchers found scores of journalists, human rights activists and politicians on a leaked list of what were believed to be potential targets of an Israeli hacker-for-hire company.

The advice to periodically reboot a phone reflects, in part, a change in how top hackers are gaining access to mobile devices and the rise of so-called “zero-click” exploits that work without any user interaction instead of trying to get users to open something that’s secretly infected.

“There’s been this evolution away from having a target click on a dodgy link,” said Bill Marczak, a senior researcher at Citizen Lab, an internet civil rights watchdog at the University of Toronto.

Typically, once hackers gain access to a device or network, they look for ways to persist in the system by installing malicious software to a computer’s root file system. But that’s become more difficult as phone manufacturers such as Apple and Google have strong security to block malware from core operating systems, Ziring said.

“It’s very difficult for an attacker to burrow into that layer in order to gain persistence,” he said.

That encourages hackers to opt for “in-memory payloads” that are harder to detect and trace back to whoever sent them. Such hacks can’t survive a reboot, but often don’t need to since many people rarely turn their phones off.

“Adversaries came to the realization they don’t need to persist,” Wardle said. “If they could do a one-time pull and exfiltrate all your chat messages and your contact and your passwords, it’s almost game over anyways, right?”

A robust market currently exists for hacking tools that can break into phones. Some companies like Zerodium and Crowdfence publicly offer millions of dollars for zero-click exploits.

And hacker-for-hire companies that sell mobile-device hacking services to governments and law enforcement agencies have proliferated in recent years. The most well known is the Israeli-based NSO Group, whose spyware researchers say has been used around the world to break into the phones of human rights activists, journalists, and even members of the Catholic clergy.

NSO Group is the focus of the recent exposés by a media consortium that reported the company’s spyware tool Pegasus was used in 37 instances of successful or attempted phone hacks of business executives, human rights activists and others, according to The Washington Post.

The company is also being sued in the U.S. by Facebook for allegedly targeting some 1,400 users of its encrypted messaging service WhatsApp with a zero-click exploit.

NSO Group has said it only sells its spyware to “vetted government agencies” for use against terrorists and major criminals. The company did not respond to a request for comment.

The persistence of NSO’s spyware used to be a selling point of the company. Several years ago its U.S.-based subsidy pitched law enforcement agencies a phone hacking tool that would survive even a factory reset of a phone, according to documents obtained by Vice News.

But Marczak, who has tracked NSO Group’s activists closely for years, said it looks like the company first starting using zero-click exploits that forgo persistence around 2019.

He said victims in the WhatsApp case would see an incoming call for a few rings before the spyware was installed. In 2020, Marczak and Citizen Lab exposed another zero-click hack attributed to NSO Group that targeted several journalists at Al Jazeera. In that case, the hackers used Apple’s iMessage texting service.

“There was nothing that any of the targets reported seeing on their screen. So that one was both completely invisible as well as not requiring any user interaction,” Marczak said.

With such a powerful tool at their disposal, Marczak said rebooting your phone won’t do much to stop determined hackers. Once you reboot, they could simply send another zero-click.

“It’s sort of just a different model, it’s persistence through reinfection,” he said.

The NSA’s guide also acknowledges that rebooting a phone works only sometimes. The agency’s guide for mobile devices has an even simpler piece of advice to really make sure hackers aren’t secretly turning on your phone’s camera or microphone to record you: don’t carry it with you.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - In this May 6, 2021 file photo, Maricopa County ballots cast in the 2020 general election ar...
Associated Press

EXPLAINER: As Arizona election ‘audit’ ends, new ones begin

HARRISBURG, Pa. (AP) — The most closely watched attempt by Republicans to examine the 2020 presidential election in a battleground state lost by former President Donald Trump is coming to an embarrassing end in Arizona, but their efforts are cranking up elsewhere. The most recent is in Republican-controlled Texas, where the secretary of state’s office […]
1 day ago
DUNMORE, Pa. (AP) — Four teenagers have been charged with a plot to attack a Pennsylvania hig...
Associated Press

4 accused of plotting school attack on Columbine anniversary

DUNMORE, Pa. (AP) — Four teenagers have been charged with a plot to attack a Pennsylvania high school in 2024, on the 25th anniversary of the massacre at Colorado’s Columbine High School, authorities said. A 15-year-old girl and 15-year-old boy are charged as adults and two other teenagers face juvenile charges in the plan to […]
1 day ago
FILE - In this Sept. 24, 2021, file photo President Joe Biden speaks about the COVID-19 response an...
Associated Press

Biden risks losing support from Democrats amid DC gridlock

NEW YORK (AP) — President Joe Biden is losing support among critical groups in his political base as some of his core campaign promises falter, raising concerns among Democrats that the voters who put him in office may feel less enthusiastic about returning to the polls in next year’s midterm elections. In just the past […]
1 day ago
India's Prime Minister Narendra Modi addresses the 76th Session of the U.N. General Assembly at Uni...
Associated Press

India’s Modi targets neighbors at UN, but not by name

NEW YORK (AP) — Indian Prime Minister Narendra Modi didn’t directly mention Pakistan or China in his Saturday speech to the United Nations General Assembly, but the targets of his address were clear. He called upon the international community to help the women, children and minorities of Afghanistan and said that it was imperative the […]
1 day ago
Seraphine Warren poses for a photo in her home in Tooele, Utah, on Sept. 23, 2021, with a rug made ...
Associated Press

Petito case renews call to spotlight missing people of color

SALT LAKE CITY (AP) — In the three months since 62-year-old Navajo rug weaver Ella Mae Begay vanished, the haunting unanswered questions sometimes threaten to overwhelm her niece. Seraphine Warren has organized searches of the vast Navajo Nation landscape near her aunt’s home in Arizona but is running out of money to pay for gas […]
1 day ago
FILE - In this March 2, 2019, file photo, Kim Yo Jong, sister of North Korea's leader Kim Jong Un a...
Associated Press

Kim’s sister: NKorea willing to talk if Seoul shows respect

SEOUL, South Korea (AP) — The powerful sister of North Korean leader Kim Jong Un said Saturday that her country will take steps to repair ties with South Korea, and may even discuss another summit between their leaders, if the South drops what she described as hostility and double standards. The comments by Kim Yo […]
1 day ago

Sponsored Articles

...
IQ Air

How Poor Air Quality Is Affecting Our Future Athletes

You cannot control your child’s breathing environment 100% of the time, but you can make a huge impact.
...
Swedish Health Services

Special Coverage: National Prostate Cancer Awareness Month

There are a wide variety of treatment options available for men with prostate cancer. The most technologically advanced treatment option in the Northwest is Stereotactic Body Radiation Therapy using the CyberKnife platform.
...
Marysville Police Department

Police Opportunities in a Growing, Supportive Washington Community

Marysville PD is looking for both lateral and entry level officers. Begin or continue your career in law enforcement for a growing, supportive community.
Courtesy of JWatch Photography....
Experience Anacortes

Summer Fun Activities in Anacortes

With minimal travel time required and every activity under the sun, Anacortes is the perfect vacation spot for all ages.
...
By Alaska Airlines

Calling all football fans: follow Russell on the road

Take your Northwest spirit that we’re known for on the road this season with Alaska Airlines.
...
By Marysville Police Department

Police Opportunities in a Growing, Supportive Washington Community

Marysville PD is looking for lateral and entry level officers. Begin or continue your career in law enforcement for a growing, supportive community.
Turn off, turn on: Simple step can thwart top phone hackers