A recent cyberattack has prompted the Department of Homeland Security to issue a public service announcement urging Americans to switch to end-to-end encrypted (E2E) messaging apps. The operation, known as Salt Typhoon, is believed to be the “worst telecom hack in our nation’s history” and can grant hackers access to targeted individuals’ unencrypted texts and phone calls.
The Cybersecurity and Infrastructure Security Agency (CISA) has published a bulletin with suggestions for highly targeted individuals, including senior government employees and politicians. CISA warns that all communications between mobile devices and internet services are at risk of interception or manipulation. However, implementing best practices can significantly enhance protection against malicious cyber actors.
Using only E2E encrypted communications on all devices and online accounts is crucial. Free messaging apps like Signal, WhatsApp, and Dust offer this feature. Zoom also offers E2E for video chat. While no app is completely secure, using these services with caution can provide enhanced digital privacy.
Digital security goes beyond E2E encryption. CISA recommends additional steps such as enabling Fast Identity Online (FIDO) where possible and using a password manager. Avoiding SMS-based multifactor authentication methods, which are not encrypted and vulnerable to hacking, is also essential. Instead, use standalone authenticator apps offered by companies like Google, Microsoft, or Authy.
Law enforcement agencies may seem to promote the switch to encrypted communications with mixed messages. However, checking out the PSA for a more extensive list of digital privacy tips can help individuals take control of their online security.
Source: https://www.popsci.com/technology/dhs-encrypted-texting-apps