Mobile devices have become the standard communication tool for consumers and businesses, and this has made them a favorite target for hackers. Due to the increase in remote work and adoption of cloud services, 60% of companies now see mobile devices as the biggest security risk, according to Verizon.
To learn more about combatting mobile threats and mobile-first protection methods, we interviewed former NSA network engineer and co-founder of Glacier Technologies, Alex White. Read on for a round-up of the learnings from our talk:
1. Smartphones becoming our central communication tools has made them a data goldmine for hackers
The amount of sensitive information we entrust to our phones (and the lacklustre approach many of us have to mobile security) has made phones easy prey for cybercriminals. “Today, a mobile device is a much more valuable target. Because we're using it for everything. Email, calendar, sensitive communications. And an adversary, whether it's a state-sponsored adversary or a hacker-type of community, for them that's a value.”
2. There’s no one-size-fits-all solution for mobile protection
“No device is a hundred per cent hack-proof,” says Alex, as user devices can be breached by malicious attempts coming from multiple sources. On mobile, these can be harmful text messages, social engineering, an unsecured Wi-Fi connection, or poor encryption. With that in mind, Glacier’s team offers custom solutions for their high-net-worth clients, including custom hardware configurations and encrypted services for text, voice, video & file sharing.
3. Creating secure communication tools for the NSA and introducing end-to-end encryption was a challenge
Despite the common perception of the NSA as an organization carefully protected from prying eyes, its employees did not widely use secure communication tools when Alex started his career there 15 years ago. This gave him and his team the urgency to start developing secure tools built on open-source technologies. Alex remembers end-to-end encryption being the hardest nut within this process to crack.
4. Using mobile security techniques like burner devices depends on the adversary profile you want to protect yourself from
Using burner devices as an easy and effective way of remaining anonymous has been popularized by Hollywood, but in reality these devices only fulfill their intended purpose when no personally identifiable information (PII) is connected to them. This basic fact is often overlooked when a user purchases a new device and habitually logs into their Google/Apple account.
To avoid this, Alex recommends travelers in high-risk areas should resort to techniques that keep burner devices anonymous. He also adds: “You have to understand what you're trying to protect yourself from. From Google, or from a potential adversary where you're going? That's the first thing you have to decide.”
5. The pandemic has turned the spotlight on real end-to-end encryption
“Mainstream knowledge of secure communications was very limited before the pandemic,” explains Alex. The surging demand for secure collaboration tools has revealed inaccurate security claims and practices of major providers – think of the Zoom or WhatsApp scandals – and directed attention towards companies offering real end-to-end encryption.
However, increasing privacy awareness has shed new light on the digital dilemma of security vs. convenience. Alex believes that the two desires can only be combined to a certain extent; that is, in line with the level of confidentiality our communication processes allow.
If you’d like to dive deeper into our interview with Alex and learn about the NSA, mobile security, and what factors individuals should consider when travelling to high-risk areas, you can check out the full episode here: