NSA Cautions iPhone Owners: Do This to Protect Against New Cyber Threat

The National Security Agency (NSA) has issued a new guide on Mobile Device Best Practices that urges iPhone users to adopt a new habit to protect against an emerging and sophisticated type of cyber threat known as a “zero-click” exploit.

What is a Zero-Click Exploit

A zero-click exploit is exactly what it sounds like. It allows a hacker to execute malicious code or access private information without any interaction from the user.

This Limited-Time Microsoft Office Deal Gets You Lifetime Access for Just $39

Sick and tired of subscriptions? Get a lifetime license for Microsoft Office Home and Business 2021 at a great price!

A zero-click exploit is unlike traditional phishing or malware attacks that dupe the user into clicking a link or opening a file. This new type of attack can infiltrate a device simply by sending a message or file that grants the hacker access without the user’s knowledge.

This means even the most vigilant can be victimized. These crafty attacks are usually carried out after a hacker discovers gaps in software. The most frequently targeted methods are SMS, text, email, and other smartphone apps. The only silver lining right now is that these exploits are expensive and targeted attacks typically only undertaken by state-sponsored mercenary spyware like Pegasus. However, that doesn’t mean this can’t change as these tools and techniques become more common.

NSA’s Recommendation

The NSA’s recommendation is simple: power off your iPhone at least once per week. This practice can help clear any dangerous code that may have been discreetly delivered to your device.

Restarting your iPhone ensures that temporary files and background processes where these files may lurk are reset. Notice, however, that even habitually powering off your iPhone isn’t foolproof, as the NSA indicates it will only “sometimes prevent” zero-click exploits. The most sophisticated ones may be able to reload themselves, although as we mentioned earlier, most of us aren’t likely to be targeted by those.

Additional NSA Cybersecurity Tips

In the same document, the NSA offers additional threat prevention and mitigation measures. Some are familiar threats and practices. These include regularly updating iOS and apps to avoid malware and using only trusted Wi-Fi networks.

Other threats and vulnerabilities pointed out by the NSA are pretty hair-raising. For example, the only way to prevent the collection of sensitive conversations and videos is to avoid carrying your iPhone or having conversations near it and to use a mic-drowning case and camera cover. Room audio and video collection probably isn’t top of mind for every iPhone user. Neither is the threat of supply chain attacks from using untrusted accessories. Unfortunately, these threats exist.

You should review the document in full. We’ve covered most of it in various articles, but it’s always good to have a go-to comprehensive guide. Remember, cyber threats are a persistent and evolving danger. It’s too easy to get lost in our devices and forget about the underlying risks that come with constant connectivity. Staying aware of threats and adopting basic precautionary measures should be everyone’s baseline.