- CISA has issued an advisory for US government communications
- Government officials are encouraged to lock down their devices
- This follows the discovery that foreign actors have breached US telecom networks
CISA has urged “highly targeted” individuals in the US government or in senior political positions to immediately review and implement strict security measures with their mobile devices.
This comes after several major US telecom companies were hit by security breaches earlier in 2024, most likely from state-sponsored Chinese hackers.
Recent reports also confirmed that the group behind the attack, Salt Typhoon, has not yet been completely eradicated and is still lurking in US telecom networks.
Lockdown mode
As part of its advice, CISA has also released a mobile communications best practice guide, with instructions on using end-to-end encryption, password managers, Fast Identity Online (a phishing-resistant authentication) and advice on how to can migrate from SMS-based multi-factor authentication.
CISA recommends that iPhone users enable “Lockdown Mode,” which strictly limits certain apps and disables many features to reduce the attack surface that attackers could exploit.
The scale of this attack makes it a serious concern for all senior officials, with major networks such as Verizon, AT&T and Lumen Technologies found to have threat actors with access to their systems.
“Highly targeted individuals should assume that all communications between mobile devices – including government and personal devices – and internet services are at risk of interception or tampering,” CISA said.
Communications remain an attractive target for foreign actors, as breaches can lead to significant disruptions and loss of sensitive data.
US communications in particular have come under fire this year, especially against government and political targets in the run-up to last month’s US elections. A ‘hack and leak’ campaign hit President-elect Donald Trump on the campaign trail in an attempt to compromise the campaign, resulting in two indictments against the suspected individuals.
Via The record