< Back
cyberthreat news

Tags:

ercom
04 March 2024

How to protect smartphones from threats

How to protect smartphones from threats

 

Smartphones are facing increasingly sophisticated threats, with a rise in compromised business and personal smartphones. New techniques target users and their smartphones with greater precision, from spying for data exfiltration to locating and finding vulnerabilities in recent software versions. Faced with these challenges, it is imperative to implement effective measures for enhanced security. Find out in this article what the main threats are and how to protect against them.

 

The evolution of mobile threats 

The latest 2023 Cyber Threat Landscape by ANSSI highlights a serious concern about growing threats to the telecom industry, particularly with regard to espionage via malware or spyware attacks, call/SMS interception (IMSI catcher) or vulnerability-hunting attacks. Today, smartphones are a prime target for cyber criminals who use them for profit, espionage, and destabilization.  A smartphone not only contains information internally, but is also a possible attack vector against an organization's information systems and can be used to gain malicious direct access to steal data. 

Among the most worrying threats highlighted by ANSSI are espionage operations involving data exfiltration via spyware, or the compromise of telecom networks (cables, routers, satellite traffic, etc.) enabling attackers to gain direct access to the communications of strategic entities and individuals. These threats can have a major impact on data confidentiality and network integrity.   

For many years, the world has been shaken by the use of offensive software for espionage purposes. Particularly in the political sphere. Recently, traces of intrusive surveillance software were discovered in two smartphones belonging to members of the European Parliament's Subcommittee on Security and Defense (SEDE). This isn't the first time that members of the European Parliament have been targeted by spyware. In fact, in 2022, several European politicians had their smartphones infected by offensive software such as Pegasus, Candiru or Predator. 

Other malicious programs specifically targeting smartphones include BlastPass, Triangulation and Reign. The proliferation of these offensive tools in an increasingly tense geopolitical context is contributing to a general increase in the threat level. The increasing number of clandestine and malicious interceptions of calls and SMS messages, and the massive exfiltration of data, underline the need for robust security solutions to protect the confidentiality and security of mobile communications. 

 

Cryptosmart: Effective protection for enhanced security

In the face of growing security challenges, Cryptosmart offers a complete solution. Developed in partnership with SAMSUNG, the Cryptosmart solution is compatible with the latest smartphones and tablets, and ensures the best protection by combining features derived from government/military-level requirements from Samsung's KNOX security framework. 

Cryptosmart offers triple protection, securing communications, data and mobile devices. It benefits from a high level of security and has the “Restricted Distribution” certification (currently being renewed). Call and SMS interception via IMSI catcher or network attacks are thwarted by Cryptosmart with end-to-end encrypted voice calls and SMS. 

In terms of protection against malware and spyware, Cryptosmart takes a proactive approach with strict administrator control of installable applications and local ports (USB, BT), preventing remote or local installation of malware.  In addition to the above security measures, VPN tunneling to a filtering system further thwarts malware attempts to exfiltrate data from the phone to an attacker’s servers... 

By fully encrypting device content, Cryptosmart offers an additional security component. Sensitive data stored on the device remains out of reach in the event of theft or loss of the device. With Cryptosmart, access to an organization's information systems is also protected against the risk of intrusion. Using strong mobile user authentication and mutual authentication between the device and the gateway on the organization's servers, intrusions in operational systems are also avoided. 

Cryptosmart is positioned as a solution that goes beyond simple encryption, incorporating advanced protection schemes to counter a range of cyber threats. This comprehensive approach makes it the preferred choice for government bodies, major international corporations and Operators of Vital Importance looking to secure their communications. 

Learn more