Stop your phone from being hacked
A few tips that could have helped Jeff Bezos.
LOS ANGELES – If Saudi Arabia or some other foreign government wants to get into your phone, it’s going to happen. Your only option: Turn off the internet and just use the phone to make calls.
“They will get you,” says David O’Brien, a senior researcher with the Berkman Center for Internet & Society at Harvard University. “Of course, it depends on how high a value of a target you are.”
Amazon CEO Jeff Bezos, whose phone should be unhackable and as secure as Fort Knox, was compromised by Saudi Arabia, according to his security pro Gavin De Becker.
“Our investigators and several experts concluded with high confidence that the Saudis had access to Bezos’ phone and gained private information,” wrote De Becker in the Daily Beast.
Clicking one bad link on a web page or visiting a website that had the malware installed by the Saudis could have done it, says O’Brien. He adds that simply downloading an app from the Apple or Google app store that wasn’t secure also could have provided a pathway for the Saudis to enter.
Cooper Quintin, a senior staff technologist for the Electronic Frontier Foundation, says anyone can be hacked, even Jeff Bezos.
“I wouldn’t assume that anybody is too smart to click a bad link on a smartphone,” he says. “If he got a message that said, ‘Read this article,’ or `Look at what they published about you,’ even if he had the most secure, up-to-date phone, there is nothing you and I or Jeff Bezos could do about it. Anybody can be hacked.”
Still, O’Brien and Quintin have five tips to secure your phone. It won’t keep a foreign country determined to strike away, but it will strengthen your security.
Install updates
As soon as you get the notice, take the time and get it done, says O’Brien. “The updates are usually security patches. As soon as the patch is identified, there’s a chance the vulnerability could be discovered by hackers. So that’s a flaw that needs to be patched as soon as possible.”
Update passwords
Have different passwords for every website you go to. It’s a lot of work, but O’Brien says that if one password is hacked, the hacker then assumes you’ve used the same one elsewhere, and the pain follows you all over your digital life. He likes password managers such as LastPass to keep track of the various passwords and to generate hard-tohack, complicated combinations of letters, numbers and symbols. LastPass starts at $3 monthly. Adding two-factor authentication is another safety precaution. Instead of logging in with just your screen name and password, you have to add in a unique code, which makes it harder for hackers to break into.
Never tell anyone the passcode
“Don’t leave the phone in anyone else’s possession,” says Quintin. That includes letting your significant other, assistant or co-workers know how to open your phone.
Don’t open random links
This is Tech 101, but if you get an email or text message with nothing but a link in it, it’s probably malware. This is the type of hack that the Russians used to tap into Hillary Clinton’s e-mail. Campaign chairman John Podesta received an authentic-looking but phony Google security update. One click of the link, and the Clinton campaign e-mails were stolen.
O’Brien recommends inspecting links closely to make sure it’s a reputable name and trustworthy. Bad links are pretty easy to spot.
If you’ve never heard of the company, that’s a pretty good sign it might be problematic.
“If you don’t recognize it, Google around it to see if anyone else reported problems,” says O’Brien. Quintin also suggests contacting the friend that sent the e-mail or text with the link and asking if it was for real.
Run antivirus apps on the phone
Several apps promise protection for your phone, including Avast Security, Lookout and Mobile Security Protection. Avast, for instance, promises notifications if any of your passwords are found leaked online (password manager Dashlane offers the same service) and offers secure browsing with a private virtual private network. The cost is $20 yearly with VPN service.
Quintin says up-to-date iPhones and Android phones are really secure and a challenge for hackers. It can cost as much as $1 million to hack into an up-todate phone, he adds.
“It costs so much because it takes a lot of work and time,” he says. “That type of money is reserved for high-profile targets, like a top CEO or president of a country.”
We reached out to both Amazon and De Becker for comment but didn’t get a reply as of publication time.