The U.S. National Counterintelligence and Security Center (NCSC) and the State Department have jointly released guidance on defending against attacks using commercial surveillance tools.
The guidance gives potential targets of espionage tips on defending against spyware that is deployed on mobile devices to track their location, record conversations, and harvest their personal information and online activities.
Companies and individuals are selling commercial surveillance tools to governments and other entities that use them for malicious purposes.
These tools allow malicious parties to infect mobile and Internet-connected devices via Wi-Fi and cellular data connections.
A malicious actor may be able to infect a targeted device without the device owner having to do anything. In some cases, an infected link can also be used to access the device.
The NCSC and the U.S. Department of State shared a list of spyware mitigations that advises potential targets to:
- Update your device's OS and mobile applications regularly.
- Be suspicious of content from unfamiliar senders, especially content with links or attachments.
- Don't click on suspicious links or open suspicious emails and attachments.
- Verify the URL before clicking on a link, or go directly to the website.
- Reboot your mobile device regularly, which can help prevent or remove malware infections.
- Encrypt and password protect your devices.
- Whenever possible, maintain physical control of the device.
- Use a trusted virtual private network.
- Disable geo-location options and cover cameras on devices.
These measures mitigate risk, but they do not eliminate it. It is always safest to act as if your device has been compromised, so please be careful with sensitive content.
This advisory was issued in response to the news that the cell phones of U.S. State Department employees were hacked using Pegasus spyware developed by the Israeli surveillance company NSO Group.
The attacks targeted at least 11 U.S. government officials stationed in Uganda, East Africa, in the second half of last year.
The Commerce Department's Bureau of Industry and Security (BIS) has added NSO and Candiru to its Entity List for supplying software used by state hackers to spy on government officials, journalists and activists.
Also in early November, Apple Inc. filed a lawsuit against NSO for targeting and spying on Apple users, whose devices were attacked with the ForcedEntry exploit and Pegasus spyware, as revealed by Citizen Lab in August.
Some governments are using commercial surveillance software to target dissidents, journalists, and others around the world whom they perceive to be critics.
Commercial surveillance tools are also being used in ways that pose serious counterintelligence and security risks to U.S. personnel and systems.