You can now add Sen. Ron Wyden (D-Ore) to the growing list of government officials and entities urging national security advisors to provide a higher level of security for government smartphones.
In a Politico article, published October 27, “Wyden implores Trump administration to secure personal devices”, Senator Wyden made two key statements to Homeland Security Department Secretary Elaine Duke, and NSA Director Adm. Mike Rogers, highlighting the growing problem of:
- smartphone security
- smartphone sensors
First, on smartphone security Senator Wyden wrote, “This raises deeply troubling questions about whether the White House regularly screens personal devices for foreign malware…”. Although Wyden’s request is directionally correct, national security advisors will quickly educate him on the lack of means available to properly monitor and secure smartphones. Neither Apple nor Android give IT administrators the proper visibility and tools to detect and remediate smartphone security problems for enterprise, government, or individuals.
Second, Wyden at least partially described the characteristics of a compromised smartphone and its sensors by stating, “hackers could co-opt personal cellphones, turning microphones into listening devices”. But this is just the beginning. Hacking into smartphones sensors will allow an adversary to understand “what you say, what you see, where you go, and whom you meet”, or in other words, access to Data in Vicinity.
Almost all sensitive information is verbally discussed before transcribed and distributed, either electronically or by conventional means. To protect the origin of sensitive information, government officials must protect smartphone microphones and cameras from mobile espionage. Doing this will at least give government personnel an electronic safe-haven, both domestic and abroad, from digital prying ears and eyes.
For additional insight, download our brief on safeguarding sensitive information for government and military personnel.
Editor's Note: This post was originally published in November 2017 and has been updated for accuracy and comprehensiveness.