Firstly Happy Cybersecurity Awareness Month! In this article I will teach you ways that you can keep your phone safe and secure. Most people do not go anywhere without their phone, this makes it phones very valuable. Phones themself are valuable but the data inside them can be worth a pretty penny to cybercriminals. They can sell access to your phone, sell your user names and password stored on your phone and install adware on your phone where they can make money by making you view ads. The attacks that cyber criminals can do once they compromised your device is endless. It does not matter if you have Android or iPhone, all phones can be hacked in one way or other.
Installing Apps
One of the most causes of being hacked is downloading apps not from the Google Play store or the Apple store. These stores have protection in place that will scans newly added apps. By installing an app via a third party, you are putting your phone security at risk. Sometimes malicious apps get published on the store but are usually quickly removed by the security team.
WIFI & Bluetooth
Another good habit is to turn of Bluetooth and WI-FI when you are not using those technology. Hackers could use a WIFI pineapple to force your phone to connect to a evil twin WIFI Network. Basically your phone or device saves the WIFI networks that you have connected to the past. It constantly looks for these networks. The WIFI pineapple takes advance of this and says “hey I am a network you connected at before. Connect to me”. Your phone will connect to that network with the same name but it will not be password protected. After connecting to the rogue WIFI network, the attacker can perform a bunch of different attacks. This is why it is important to only connect to WIFI networks you trust. If you see your phone connected to the WIFI network of your house when you are at the store, disconnect to the network as soon as possible and turn off WIFI.
Password Protect Your Phone
Always password protect your phone, or even use a pin. The pin should be random, not the last four digits of your phone number. Password protecting your phone will protect the contents of your phone if it ever ends up in someone’s hand. Most if not all modern phones these days have a lock out period so that an attacker can not brute force the pin or password. Most modern phones even allow you to use your fingerprint to unlock your phone. I recommend you protect your phone with some type of protection, does not matter if you choose to use your thumb print, pin code, or a long secure password. NIST recommends that the passwords be at least eight characters long and contain a couple of symbols. Avoid using passwords that contain your pets, kids or family names or dictionary words . Using a passphrase is an easy way to create a really secure password that is easy to remember. Do not re-use passwords on multiple sites or platforms. Hackers could used already hacked databases and search your username or email to find out your passwords that you have used in the past and try them on other sites.
Do not Jailbreak or root your Phone
Rooting is done on Androids, while jailing breaking is done on iPhone. They both mean the same thing but have different names depending on the phone’s Operating System. To make it easier to understand I will use the term rooting. Rooting is when you gain root permission on your phone, usually by exploiting a vulnerability on the phone’s operating system. After rooting your device you have complete access to your phone. With this access you can change your rom, modify the phone themes. I have to admit, I have rooted my phone in the past. Its fun to root you device, you can do things that you cant do on a non rooted phone. Note that rooting your device will likely void your warranty. Rooting your device is dangerous because any app could have root access to your system. With Apple products you can not download apps that do not come from the official app store, but with a jailbroken phone you would be able. As you know installing apps that do not come from official stores is dangerous.
Reboot your Phone
The NSA recommends you to reboot your phone at least once week. Rebooting your device once a week will protect your phone from non-persistent malware. It also might clear old cache. Rebooting your phone will remove any temporary files, which will free up storage space. Restarting or rebooting can also help the phone from freezing or having heating issues. It might also prevent or solve instances where your phone is sluggish or slow.
Update your Phone
Of course it is always a good idea to keep your phone updated. Every couple of weeks check to see if there is an update for your phone. My Android phone will update during the night when I am sleeping. Maybe look into seeing if your phone has similar features. Before updating your phone make sure you save your photos and video as you never know if the images and videos will become corrupt. Not only should you keep your phone updated, but make sure any apps you use is updated to the latest version. It is important to keep your browser on your phone updated as this can be used as an attack vector by a threat actor that could give them unauthorized access to your phone.
Create an “ICE” Contact
ICE or In Case of an Emergency contact is important to have on your phone incase of an emergency, so someone can contact a loved one if you have a medical incident. It can also be handy if you loose your phone, someone can find it and call your ICE. This is specially a good idea if you have diabetes or a different type of diseases that you might become unconscious. I would recommend also installing a device tracking app on your phone incase you loose your phone, you can make it make a noise if you lost it in your house or if you lost the phone while you are out of your house. You also can use the app to remotely wipe the device if you need to.
Be Careful when using Public Charging Stations.
Juice Jacking when an attacker sets up a charging station that when a victim plugs in the device, it will install malware on the phone or will steal data from the phone. An easy way to protect yourself is to use your own charger instead of relaying on a public one. While most airports have charging station, be careful when using a public charger, always bring and use your own wire if possible.
One more way to avoid getting infected is to use a USB cable that does not have data transfers. Cords that have the purpose of data transfer are usually thicker in size. Non data transfers wires will only charge your device.
Usually the charging station at the airports are crowed, by using an external charger you can avoid having to wait in line or waiting for someone to remove their charger. With a portable external charger you can use public cords since it does not have an operating system that can be infected with malware.
Leave a Reply