The US Cybersecurity & Infrastructure Security Agency (CISA) has released guidance aimed at protecting individuals targeted by the “Salt Typhoon” Chinese state-sponsored attackers. However, critics argue that some advice may not be directly applicable to the general public.
CISA’s five-page document advises highly targeted individuals, such as senior government officials and those in senior political positions, to assume all communications are at risk of interception or manipulation. The agency recommends using end-to-end encrypted messaging apps like Signal and upgrading to multi-factor authentication methods that can’t be fooled by phishing sites.
However, some critics have questioned CISA’s advice on using virtual private networks (VPNs), citing concerns over security and privacy policies. According to CISA, personal VPNs shift risks from the internet service provider to the VPN provider, potentially increasing the attack surface.
CISA also provides mobile-specific advice, recommending that users protect their devices’ DNS lookups and verify app permissions. The agency advises iOS users to enable Apple’s iCloud Private Relay and Android users to check their app permissions regularly.
Notably, CISA recommends that iOS users disable the fallback option to send messages via unencrypted SMS and only use RCS if everyone in a conversation is using Google’s Messages app. For Android users, it suggests employing security patches from manufacturers with strong security track records.
The agency’s most stringent advice applies only to iOS users: enabling Apple’s Lockdown Mode. This heavily restrictive mode defeats commercial spyware but disables many iPhone features.
CISA concludes by reminding readers to report online attacks and vulnerabilities through its website or by calling 844-729-2472.
Source: https://uk.pcmag.com/android/155983/the-feds-have-some-advice-for-highly-targeted-individuals-dont-use-a-vpn