WikiLeaks recently published that the CIA has hacking tools to break into almost any operating system and gain the same kind of access as the owner of the device. No device is safe, including smartphones, smart TVs, tablets, and computers from Apple, Google, Samsung, and Microsoft.
The organization’s documents also claim the CIA’s secret hacking program describe tools that can turn camera-and-mic-equipped devices into a spy.
The “Vault 7” leak contains more than 8,700 files, although it is not clear how WikiLeaks got their hands on the documents.
CBS News interviewed a CIA spokesperson about the issue, but he had no comment on the authenticity of the leak. “CIA’s mission is to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries,” said the agency.
Even so, WikiLeaks has fueled many concerns about digital privacy and potential security vulnerabilities in consumer’s devices.
How can my smartphone be safe from surveillance?
First of all, the breaching tools are not for mass surveillance, so their existence doesn’t mean every mobile device is at risk.
However, there is not much a user can do to fully ensure the security of their smartphones without compromising the benefits of the device like, for example, the networking.
Furthermore, every internet-connected device with microphone or camera can become targets of the CIA. That includes voice-controlled devices like the Amazon Echo speakers.
It is not enough to unplug the phone from the internet to avoid the spying. Users would have to remove the battery as well if that is possible. The best recommendation is to get a device from a manufacturer who has proven careful and responsible on security.
More so, customers should keep their operating systems fully patched and up-to-date, and avoid links from MMS, emails, apps, or web navigation unless they are reliable.
There will always be vulnerabilities of which OS manufacturers and antivirus companies are not aware until it’s too late. Such issues are known as “zero-day exploits” because by the time they arrive victims have zero time to prepare.
The encryption of messaging apps
Popular messaging apps like WhatsApp, Signal, and Telegram encrypt the communications from end to end, so it is nearly impossible to breach a third-party conversation and read the messages.
CIA’s alleged hacking tools can forget about the encryption altogether because they can infiltrate the OS of an Android phone, iPhone, iPad, or Windows-based computer. It means the intruder can read the messages and listen to any conversations inside the device itself, even when the communications stay encrypted in transit.