The US government has issued a critical advisory urging senior officials and politicians to adopt stringent security measures to safeguard their mobile communications. This move follows revelations of cyber intrusions linked to Chinese state-backed hackers targeting US telecommunications infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) has identified significant risks posed by these activities, which allegedly enabled the theft of call records and the interception of sensitive communications from a small but highly targeted group of individuals.
CISA’s guidance focuses on protecting senior government and political figures, who are deemed to be at heightened risk of espionage. The agency emphasised the need for immediate implementation of robust practices. It warned that traditional communication methods, such as phone calls and text messages, may no longer be secure against such sophisticated cyber threats.
The agency’s recommendations highlight the importance of adopting end-to-end encrypted messaging platforms, which ensure that only the intended recipients can access the content of communications. Applications like Signal were identified as reliable tools, offering encrypted text, voice, and video communication alongside additional privacy features, such as disappearing messages. CISA also stressed the need for multifactor authentication (MFA) methods that resist phishing attempts, urging officials to move away from SMS-based authentication, which remains vulnerable to interception.
Password security also forms a crucial part of the advisory. Officials are being encouraged to use password managers to create and store unique, complex passwords for each account. These tools not only enhance security but also provide alerts for weak or compromised credentials. Furthermore, CISA underscored the importance of regular software updates, which address vulnerabilities that could be exploited by attackers.
To mitigate risks further, CISA recommends upgrading to the latest mobile hardware, as newer devices incorporate advanced security features that older models cannot support. The guidance warns that without these updates, even robust software security may fall short of protecting sensitive data.
For iPhone users, CISA advises enabling Lockdown Mode, a feature designed to restrict potential entry points for cyberattacks by limiting app functionality and access to sensitive data. Additionally, users are urged to review and manage app permissions. Access to features such as location, microphone, and other sensitive data should be revoked unless absolutely necessary, according to the agency.
Android users, meanwhile, are encouraged to prioritise devices from manufacturers with a strong track record in security and long-term update commitments. The guidance also recommends configuring DNS settings to use trusted resolvers and enabling enhanced browser protections to guard against malicious websites and phishing attempts.
TP-Link routers under investigation
The CISA advisory comes amid wider concerns about cybersecurity vulnerabilities in US networks. Federal agencies are investigating Chinese router manufacturer TP-Link, whose devices dominate the US small office and home office (SOHO) market. Allegations include artificially low pricing to expand market share and potential involvement in cyberattacks targeting American entities.
The Department of Justice, Commerce, and Defense are probing whether TP-Link routers, which are widely deployed by over 300 US internet service providers, pose a national security threat. These devices are reportedly used in networks across multiple government agencies, including the Department of Defense and NASA. A ban on TP-Link routers is being considered if the investigations confirm the risks.