NSA Cautions for Mobile Device Threats
With over 90 percent of the global internet population using mobile devices, the National Security Agency (NSA) is appropriately focused on providing best practices for mobile users to ensure their security and safety. Cybersecurity threats to users continue to increase in frequency and complexity, stressing the importance of heeding the NSA’s threat-mitigation suggestions.
The NSA Mobile Device Best Practices guide provides strict guidance on a couple rather common practices. For instance, mobile users should not open links and attachments from unknown senders. In fact, even known senders can accidentally send malicious content unknowingly after being compromised, so users should always exercise caution before clicking on links and attachments. Additionally, users should leverage secure voice configurations on mobile devices to protect sensitive conversations.
The NSA also highlights behaviors to avoid when using mobile devices to reduce user vulnerabilities. Users should be aware of Wi-Fi connections, and if unnecessary, disable Wi-Fi to ensure a connection is not made to a public Wi-Fi network. Perhaps a few more obvious risks include losing track of the mobile device or connecting it to removable media—both of which could lead to physical attacks.
Most of the convenience of using mobile devices derives from the ability to access a myriad of applications as well as text contacts effortlessly. However, users should be cautious about downloading applications from anywhere other than official application stores. Both entering personal data into these applications and communicating information—sensitive or not—within any application pose serious risks to a mobile user’s privacy and security. Indications of compromised devices can often be unexpected pop-ups, so users should close out of all applications if these appear on their screens.
Additional protective measures include turning off Bluetooth and location services when they are not in use to avoid unwanted connections and physical tracking. Mobile device software should always be kept up-to-date to fix security vulnerabilities and protect personal data. As a last line of defense, mobile users need strong, unique passwords and biometric capabilities to prevent common password cracking attempts.
The NSA Mobile Device Best Practices guide continues to identify which threats can be prevented by each of the practices mentioned above, such as spear phishing, a method for deploying malware onto a user’s device. Although these protective measures are published for all mobile device users to observe, it is through practice and operational training that malicious actors will remain unsuccessful at breaching the security of each user’s mobile environment.
Learn about Ntrepid’s technical and operational training for a mobile-device-dominated world.