FBI & CISA Advice - Use Encrypted Messaging

Uploaded on 2024-12-11 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Concerns about the security risks of mobile messaging are increasing with concerns over the security of messaging between platforms like iPhone and Android have significantly increased. 

At the same time,  Apple has launched  its own RCS messaging system that will compete with WhatsApp and other messaging platforms.

Now, the responsibile US authorities are telling the public to adopt fully encrypted communication services to protect against growing cyber threats. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have published a warning after a number of wide-ranging cyber attacks attributed to the Chinese nation-sate hackers known as Salt Typhoon.

These attacks have highlighted critical vulnerabilities within US communication networks, highlighting the risk of intercepted communications when using standard text messaging. CISA's advice coincides with recommendations from  Apple, Google, and Meta, who advocate for encrypted services precisely because they render intercepted messages unreadable to outside parties,

CISA and the FBI emphasise that encryption should be the default for all personal and professional communications, with the aim that encryption ensures that even if messages are intercepted, they remain unreadable.

They specifically advised against using traditional SMS or RCS messaging due to the security gaps in cross-platform encryption. While encryption is available within Android-to-Android messaging, cross-platform messaging remains unencrypted, leaving a critical vulnerability for users of different devices.  

Despite discussions between Google and the Global System for Mobile Communications organisation about improving RCS security, a timescale for end-to-end encryption across different platforms has yet to be agreed.

Increasing cyber attacks on political figures and other high-profile individuals illustrate the need for secure encrypted communications to protect against from data breaches and intrusions on privacy. 

NBC   |   NBC   |   I-HLS   |   Forbes   |   Yahoo   |   Tribune   |   

Image: Christian Horz & MrHighSky

You Might Also Read:    

International Initiative To Control Commercial Spyware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Ransomware Criminals Claim To Have Stolen Deloitte's Data
Trump 2.0: Cyberwarfare To Reach New Heights »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Panzura

Panzura

Panzura optimizes enterprise data storage management and distribution in the cloud, making cloud storage simple and secure.

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

Magic Software Enterprises

Magic Software Enterprises

Magic provide Mobile Device Management (MDM) for Secure Enterprise Mobility. Magic MDM overcomes the challenges of mobile device management security by protecting all of your devices, data and content

Patchstack

Patchstack

Patchstack (formerly WebARX) is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Wolfpack Information Risk

Wolfpack Information Risk

Wolfpack specialise in information and cyber threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

MONITORAPP

MONITORAPP

MONITORAPP is responsible for complete web security. Protect your business environment with Application Security Solutions from MONTORAPP.

Infosec Global

Infosec Global

Infosec Global provides technology innovation, thought leadership and expertise in cryptographic life-cycle management.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

Lupovis

Lupovis

Lupovis is an AI-based deception solution that deploys active decoys turning your network from a flock of sheep to a pack of wolves where the hunter becomes the hunted.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

Crispmind

Crispmind

Crispmind creates innovative solutions to some of today’s most challenging technology problems.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

Anetac

Anetac

Developed by seasoned cybersecurity experts, the Anetac Identity and Security Platform protects threat surface exploited via service accounts.

CyTwist

CyTwist

CyTwist is an early warning attack detection platform that complement your existing security suite and provides your security teams with unique detection capabilities of stealth targeted attacks.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.