{"id":1238,"date":"2024-12-16T05:26:23","date_gmt":"2024-12-16T05:26:23","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=1238"},"modified":"2024-12-16T05:26:23","modified_gmt":"2024-12-16T05:26:23","slug":"the-hidden-risks-of-mobile-calls-and-messages-why-end-to-end-encryption-is-just-the-starting-line","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=1238","title":{"rendered":"The Hidden Risks of Mobile Calls and Messages: Why End-to-End Encryption is Just the Starting Line"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

The recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks.\u00a0<\/p>\n

Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information.\u00a0 Some of the biggest risks concerning these uncertified methods of communications are identity (through public registration) and access to metadata, which can reveal a detailed picture of relationships and communication patterns. For instance, attackers can learn not only who communicated with whom, but also when, where and how often.<\/p>\n

With mobile spying and network interception on the rise, what can organizations do to mitigate these risks and protect communications?<\/p>\n

Why Telecom Networks and Mobiles Are a Prime Target<\/strong><\/h3>\n

Telecom networks, by design, prioritize global reach and seamless connectivity.<\/p>\n

David Wiseman, Vice President of Secure Communications for BlackBerry Cybersecurity:<\/p>\n

\u201cPublic telecom networks, designed for global reachability, prioritize interconnectivity over security. While this is core to the value that telecom networks provide to consumers, it also means that security trade-offs must take place.\u201d<\/em><\/p>\n

This ethos, while beneficial to consumers, introduces systemic vulnerabilities. Automated interconnections between carriers worldwide enable effortless communication but also leave doors ajar for cybercriminals and state-sponsored hackers. The weaknesses in roaming protocols, which allow carriers to redirect or intercept cellular traffic without user knowledge, further exacerbate these risks.<\/p>\n

As we\u2019ve seen, these vulnerabilities are no longer theoretical. Threat actors now leverage telecom weaknesses and risky mobile apps for espionage, intelligence gathering, and even monetized cybercrime, such as \u201cwire-tapping-as-a-service.\u201d The stakes are high, not just for sensitive businesses information, but for matters of national security.<\/p>\n

At the device level, it is often presumed that end-to-end encryption is enough when using common mobile apps for calls, messaging and file sharing.\u00a0 In fact, it should just be the starting line \u2013 and organizations relying on secure, confidential communications must take stock of what is being used by employees, where their data is held and how it is being used.<\/p>\n

David Wiseman adds: \u201cMetadata generated by communications via \u2018free\u2019 apps for voice calls and messaging can be easily traded, fuelling \u2018wire-tapping-as-a-service\u2019 markets that are readily available for purchase on the internet. This underscores the harsh reality that trust placed in uncertified apps does not extend to what happens with your metadata.\u201d<\/em><\/p>\n

BlackBerry\u2019s Answer to an Otherwise Systemic Problem<\/strong><\/h3>\n

Both governments and business alike have exponentially increased the virtualization of their communications, and its people are often fast to adopt inappropriate consumer technology, whether its WhatsApp or Signal; or communicating via their personal iOS\u00ae\u00a0or Android\u2122 devices.<\/p>\n

These devices are ubiquitous, easy to purchase, and the apps themselves are quite frictionless to obtain; so it\u2019s understandable from a usability perspective why individuals would be inclined to go down this path. Alternatively, when provided with specific devices and tools to help secure their communications, there can be reluctance to use them consistently.<\/p>\n

BlackBerry helps address these challenges with SecuSUITE\u00ae\u00a0<\/a>. The system works seamlessly with off-the-shelf iOS\u00ae\u00a0and Android\u2122 devices, maintaining excellent sound quality and message delivery speed, while providing the end-to-end encryption necessary to shut out eavesdropping at any point in the communications.<\/p>\n

The user experience is uncompromised, and there is no frustration with having to distinguish operation and communication as fundamentally \u2018different\u2019 when using mobile devices.<\/p>\n

There is also another equally important component to usability, and that is meeting the needs of technology management teams. Flexible deployment options allow for integration with Mobile Device Management (MDM) or operation in full \u2018sovereign mode\u2019 with no dependency on any particular vendor infrastructure.<\/p>\n

In the case of possible user circumvention, SecuSUITE will not run on rooted or jailbroken devices. On start-up or update, the app always performs an integrity check \u2013 if it has been modified in any way, it will not start.<\/p>\n

Looking Ahead: Organizations that demand trusted communications must deploy certified communication tools<\/strong><\/h3>\n

The recent incidents reported in the US are a wake-up call, but they are far from unique. \u00a0Vulnerabilities in one carrier can ripple across the globe, and this is why a shift towards a secure, sovereign system is not optional, but essential.<\/p>\n

BlackBerry\u2019s solutions are certified to meet the highest security requirements of Government, from unclassified through to Top Secret, and the portfolio of Unified Endpoint Management (UEM<\/a>) and SecuSUITE<\/a> serves as a blueprint for what the industry must prioritize for true mobile security. Fine grain controls for managing diverse devices, coupled with enforcing security policies across all devices and applications that works seamlessly for the user both locally and abroad.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

The recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks.\u00a0 Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information.\u00a0 Some of the biggest risks concerning […]<\/p>\n","protected":false},"author":0,"featured_media":1239,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1238","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1238"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1238"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1238\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/1239"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}