The question of the ‘hackability’ and all-round security of mobile phones is one of those issues that seems to pop up back in the news agenda at certain moments, and it’s an understandable concern.
After all, we’re seemingly all so used to the sheer convenience of mobile phone use, that we might spend all day tapping away at our device, whether to text, tweet or Facebook message, without realising all of the ways we could be putting the control of our phone at risk.
It’s a big question, so let’s have a go at it, hopefully without boring you too much with the technical stuff. How easy is it to hack a phone like the iPhone, Android or a similar device you use every day?
It’s an issue that’s been taxing us for a while
When many people in the UK hear the term ‘phone hacking’, their minds are immediately cast back to the scandal over its use by multiple British newspapers published by News International – most notably News of the World, which was forced to close over the controversy in 2011.
Sure enough, if we look back at a BBC News article published as the scandal raged in September 2010, we have confirmation from Bloor Research mobile security analyst Nigel Stanley that the ease of hacking a handset “depends on how much money, time and effort you want to put into it.”
On the bright side, it’s not exactly likely these days that your own phone could get hacked using the exact techniques used by News International’s wrongdoers. Even in 2010, UK network operators were introducing changes to make it more difficult for anyone other than the correct customer to listen to voicemail messages.
In any case, a spokesman for mobile security specialists Adaptive Mobile, Simeon Coney, was quoted in the same article as saying that voicemail’s diminishing use made it a less attractive target.
Even in 2010, Mr Coney said that text hacking was much more difficult than voicemail hacking, explaining that it was “very, very hard to get access to people’s text messages without putting something on the device. It’s a separate architecture that the operators run to manage text messages.”
What about much more recent times?
As we mentioned above, mobile phone security hasn’t exactly faded as a subject of concern in the last few years. As reported by the Guardian in 2016, for example, hackers demonstrated that even if the user of a phone took a host of security precautions, a prospective criminal could track their location and snoop on their phone calls and texts with nothing more than their phone number.
The article explained that a would-be hacker could accomplish this by gaining access to the network interchange service known as Signalling System No. 7 (SS7), which is called C7 in the UK and CCSS7 in the United States and acts as a broker between mobile phone networks.
Fast-forward to February 2017, meanwhile, and The Verge was reporting about the recently inaugurated President of the United States, Donald Trump, and the unsuccessful attempts by his aides and national security staff to convince the former Apprentice host to cease tweeting from his Android smartphone.
The site explained that Mr Trump was continuing to issue tweets tagged as ‘Twitter for Android’. Furthermore, an image from 2015 indicated that the president used a Samsung Galaxy S3 – which, by the time of The Verge’s article, was an old model that hadn’t received a software update in more than a year.
The article continued: “Holding on to a consumer-grade phone is a very dangerous habit for a US president. Foreign intelligence agencies run some of the best and most dedicated hacking teams in the world. For those groups, breaking into a GS3 would be child’s play, which is exactly why the president is usually restricted to a secure phone with limited functionality.”
The Verge writer Russell Brandom said that if hacking groups got inside such a device, they could turn the phone into a live microphone, enabling them to listen to any conversations within earshot.
So, what can you do to protect yourself?
The good news is that there are various well-established ways to, if not exactly make your phone completely hack-proof, at least minimise your chances of becoming a victim of the biggest threats.
These include installing software updates for your phone as soon as they become available, and avoiding the use of any unofficial tools to “root” or “jailbreak” your device. On a rooted phone, it’s possible for hackers to surpass technical safeguards, thereby allowing apps to perform all manner of actions that would normally be technically prohibited, such as snooping on the user’s personal data.
It’s also vital to be careful about what you install on your smartphone. Every time you install an app to your device, you may be required to grant it permissions, such as the ability to read your files, listen in to your microphone or access your camera. These capabilities can be used perfectly legitimately by your device, but they could also be vulnerable to abuse, so you should think carefully before approving such requests.
Going public could leave you exposed!
Finally, there’s the matter of the public versus the private Internet – the difference between using public Wi-Fi when you’re out and about, and your private Internet connection at home.
Yes, it may be extremely convenient to be able to connect to free Wi-Fi at the local coffee shop, gym or train station, but simply ‘agreeing’ to the terms and conditions prior to logging in doesn’t guarantee that such public Internet access is safe.
It’s therefore a good reason to follow certain ‘common sense’ security practices when using public Wi-Fi, such as not paying that electric bill or logging into your Internet banking account. If you need to do anything this sensitive from a security point of view, we’d strongly advise you to wait until you get home and are able to connect to your own private Wi-Fi network.
We’d also urge you to be cautious about using public Wi-Fi to visit any other websites for which login information is necessary – such as social media sites, email accounts and so on. If you do log into such accounts while using public Wi-Fi, you should always ensure you sign out of your accounts.
So, is it that easy to hack a phone?
The short answer is yes, it certainly can be – but at the same time, there are a lot of things that you can do to greatly reduce your chances of being a victim. Follow tips like the above for when you’re using your smartphone, and you’ll probably be safe rather than sorry.