Image by Elchinator on Pixabay
26 Facebook x.com Reddit
Last updated 4 days ago
The FBI and Cybersecurity and Infrastructure Security Agency say Americans should use encrypted apps like iMessage and FaceTime, to protect themselves from foreign hackers.
It's a 180-degree turn for the FBI, which has been demanding for years that Apple give the agency unencrypted access to messages. The new warning comes in response to what it and the Cybersecurity and Infrastructure Security Agency (CISA) call the ongoing Salt Typhoon hack in China.
“Our pitch that we’ve been telling people internally is not new here: Encryption is your friend, whether it’s text messages or the ability to use encrypted voice communications,” Jeff Green, executive assistant director for cybersecurity at CISA, said in a press conference with NBC News. “Even if an adversary can intercept the data, if it’s encrypted, it makes it impossible to do so.”
The FBI official on the call, who asked to remain anonymous, also appeared to specifically recommend using an iPhone.
“People looking to further protect their communications via mobile devices would do well to consider using a mobile phone that automatically receives timely operating system updates,” the official said, “[as well as] responsibly managed encryption and phishing-resistant multifactor authentication for email, social media, and collaboration tool accounts.”
The FBI and CSIA warning follows incidents such as the Salt Typhoon group reportedly gaining access to a US law enforcement wiretap network. The group is also suspected of having hacked the iPhones of US presidential campaign officials.
In particular, the size of the law enforcement wiretap is so large that Greene said it was impossible to “predict the time frame when we’ll have a full eviction.”
Both Apple’s iMessages and Google Messages are protected by end-to-end encryption, as is FaceTime. However, older text messages are not.
RCS is encrypted in Google’s implementation, but Apple has reportedly chosen to work with the GSMA to add encryption to standard RCS. However, as of September 2024, Google and Apple were still working on the issue.
So, at this point, it appears that using RCS to send messages between iPhone and Android is not encrypted. This also means that if any iMessage group has at least one Android member, the group conversation could potentially be read.
Follow AppleInsider on Google News
