RICHMOND: As a member of the secretive Senate Intelligence Committee, Sen. Angus King has reason to worry about hackers. At a briefing by security staff this year, he said he got some advice on how to help keep his cellphone secure.
Step One: Turn off phone.
Step Two: Turn it back on.
That’s it. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones.
Regularly rebooting phones won’t stop the army of cybercriminals or spy-for-hire firms that have sowed chaos and doubt about the ability to keep any information safe and private in our digital lives. But it can make even the most sophisticated hackers work harder to maintain access and steal data from a phone.
“This is all about imposing cost on these malicious actors,” said Neal Ziring, technical director of the National Security Agency’s cybersecurity directorate.
The NSA issued a “best practices” guide for mobile device security last year in which it recommends rebooting a phone every week as a way to stop hacking.
King, an independent from Maine, says rebooting his phone is now part of his routine.
“I’d say probably once a week, whenever I think of it,” he said.
Almost always in arm’s reach, rarely turned off and holding huge stores of personal and sensitive data, cellphones have become top targets for hackers looking to steal text messages, contacts and photos, as well as track users’ locations and even secretly turn on their video and microphones.
“I always think of phones as like our digital soul,” said Patrick Wardle, a security expert and former NSA researcher.
The number of people whose phones are hacked each year is unknowable, but evidence suggests it’s significant. A recent investigation into phone hacking by a global media consortium has caused political uproars in France, India, Hungary and elsewhere after researchers found scores of journalists, human rights activists and politicians on a leaked list of what were believed to be potential targets of an Israeli hacker-for-hire company.
The advice to periodically reboot a phone reflects, in part, a change in how top hackers are gaining access to mobile devices and the rise of so-called “zero-click” exploits that work without any user interaction instead of trying to get users to open something that’s secretly infected.
“There’s been this evolution away from having a target click on a dodgy link,” said Bill Marczak, a senior researcher at Citizen Lab, an internet civil rights watchdog at the University of Toronto.
Typically, once hackers gain access to a device or network, they look for ways to persist in the system by installing malicious software to a computer’s root file system. But that’s become more difficult as phone manufacturers such as Apple and Google have strong security to block malware from core operating systems, Ziring said.
“It’s very difficult for an attacker to burrow into that layer in order to gain persistence,” he said.
That encourages hackers to opt for “in-memory payloads” that are harder to detect and trace back to whoever sent them. Such hacks can’t survive a reboot, but often don’t need to since many people rarely turn their phones off.
“Adversaries came to the realization they don’t need to persist,” Wardle said. “If they could do a one-time pull and exfiltrate all your chat messages and your contact and your passwords, it’s almost game over anyways, right?”
A robust market currently exists for hacking tools that can break into phones. Some companies like Zerodium and Crowdfence publicly offer millions of dollars for zero-click exploits.
And hacker-for-hire companies that sell mobile-device hacking services to governments and law enforcement agencies have proliferated in recent years. The most well known is the Israeli-based NSO Group, whose spyware researchers say has been used around the world to break into the phones of human rights activists, journalists, and even members of the Catholic clergy.
NSO Group is the focus of the recent exposés by a media consortium that reported the company’s spyware tool Pegasus was used in 37 instances of successful or attempted phone hacks of business executives, human rights activists and others, according to The Washington Post.
The company is also being sued in the U.S. by Facebook for allegedly targeting some 1,400 users of its encrypted messaging service WhatsApp with a zero-click exploit.
NSO Group has said it only sells its spyware to “vetted government agencies” for use against terrorists and major criminals. The company did not respond to a request for comment.
The persistence of NSO’s spyware used to be a selling point of the company. Several years ago its U.S.-based subsidy pitched law enforcement agencies a phone hacking tool that would survive even a factory reset of a phone, according to documents obtained by Vice News.
But Marczak, who has tracked NSO Group’s activists closely for years, said it looks like the company first starting using zero-click exploits that forgo persistence around 2019.
He said victims in the WhatsApp case would see an incoming call for a few rings before the spyware was installed. In 2020, Marczak and Citizen Lab exposed another zero-click hack attributed to NSO Group that targeted several journalists at Al Jazeera. In that case, the hackers used Apple’s iMessage texting service.
“There was nothing that any of the targets reported seeing on their screen. So that one was both completely invisible as well as not requiring any user interaction,” Marczak said.
With such a powerful tool at their disposal, Marczak said rebooting your phone won’t do much to stop determined hackers. Once you reboot, they could simply send another zero-click.
“It’s sort of just a different model, it’s persistence through reinfection,” he said.
The NSA’s guide also acknowledges that rebooting a phone works only sometimes. The agency’s guide for mobile devices has an even simpler piece of advice to really make sure hackers aren’t secretly turning on your phone’s camera or microphone to record you: don’t carry it with you.
AP Newsroom
Thu Jul 29 2021
![Turn off, turn on: Simple step can thwart top phone hackers Turn off, turn on: Simple step can thwart top phone hackers](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2021-07/61627493174_phone.jpg)
In this Feb. 17, 2016, file photo an iPhone is seen in Washington. (AP Photo/Carolyn Kaster, File)
![KPT aku-akukan syor PAC guna garis panduan pelaburan universiti awam untuk anak syarikat KPT aku-akukan syor PAC guna garis panduan pelaburan universiti awam untuk anak syarikat](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/81719822088_ZambryAbdKadir.jpg)
KPT aku-akukan syor PAC guna garis panduan pelaburan universiti awam untuk anak syarikat
KPT mengalu-alukan cadangan PAC berhubung pelaksanaan dan pemakaian Garis Panduan Pelaburan dan Pembiayaan oleh Universiti Awam 2024, kepada anak-anak syarikat di bawah seliaan kementerian itu.
![SUKMA 2024: Sepak takraw wanita mungkin digugurkan SUKMA 2024: Sepak takraw wanita mungkin digugurkan](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/61720679430_AbdulKarimRahman.jpg)
SUKMA 2024: Sepak takraw wanita mungkin digugurkan
Sepak takraw wanita berpasukan berkemungkinan akan digugurkan daripada senarai acara temasya Sukan Malaysia (SUKMA) 2024 berikutan jumlah penyertaan kurang daripada jumlah minimum yang ditetapkan.
10 Berita Pilihan - (16 Julai 2024)
Antara pelbagai berita dalam dan luar negara yang disiarkan di Astro AWANI, berikut adalah yang paling menjadi tumpuan sepanjang hari ini.
![Enam rakyat Vietnam ditemukan maut di sebuah hotel di Bangkok Enam rakyat Vietnam ditemukan maut di sebuah hotel di Bangkok](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2023-12/41702437730_maut.jpg)
Enam rakyat Vietnam ditemukan maut di sebuah hotel di Bangkok
Enam orang ditemukan maut di sebuah hotel di Bangkok, Thailand pada Selasa laporan media tempatan yang memetik polis Bangkok.
AWANI 7:45 [16/07/2024] - Suspek dibawa ke lokasi | Selamat tinggal rakyat Malaysia | Harimau Malaya hilang taring?
- Polis sahkan suspek bunuh Kartini anggota polis.
- Pan-Gon enggan dedah punca letak jawatan.
- Faisal Halim sedih mentor Pan-Gon undur diri.
- Pakai reben putih di Parlimen, tak salah.
- Pan-Gon enggan dedah punca letak jawatan.
- Faisal Halim sedih mentor Pan-Gon undur diri.
- Pakai reben putih di Parlimen, tak salah.
![Isteri calon gandingan Trump letak jawatan di firma guaman Isteri calon gandingan Trump letak jawatan di firma guaman](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/41721139141_TBJDUSHA.jpg)
Isteri calon gandingan Trump letak jawatan di firma guaman
Usha Vance, isteri kepada Senator J.D. Vance yang dipilih sebagai calon gandingan bekas presiden Amerika Syarikat (AS) Donald Trump awal minggu ini, telah meletakkan jawatannya di sebuah firma guaman,
![Najib fail permohonan di mahkamah rayuan cabar Titah Adendum Najib fail permohonan di mahkamah rayuan cabar Titah Adendum](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2023-05/71683779541_TBNAJIBRAZAK.jpg)
Najib fail permohonan di mahkamah rayuan cabar Titah Adendum
Berdasarkan sistem e-filing mahkamah, rayuan itu telah ditetapkan untuk pengurusan kes pada 7 Oktober ini.
![Pangsapuri mewah bernilai RM1 juta menanti pemenang emas Olimpik Pangsapuri mewah bernilai RM1 juta menanti pemenang emas Olimpik](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/51721138010_HannahYeoh.jpg)
Pangsapuri mewah bernilai RM1 juta menanti pemenang emas Olimpik
Hannah Yeoh berkata Jawatankuasa RTG telah menerima tawaran daripada pemaju hartanah, Top Residency, yang berminat untuk menghadiahkan pemenang pingat emas pertama.
![E-sukan harus dijadikan kepentingan sehingga ke peringkat lebih tinggi E-sukan harus dijadikan kepentingan sehingga ke peringkat lebih tinggi](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/61721128633_MohdHidayatMohdSa.jpg)
E-sukan harus dijadikan kepentingan sehingga ke peringkat lebih tinggi
Kerajaan juga harus wujudkan sebuah dasar yang jelas supaya kepentingan e-sukan ini mampu diperkembangkan ke masa hadapan.
![Kerajaan pandang serius penularan ideologi liberalism, pluralism Kerajaan pandang serius penularan ideologi liberalism, pluralism](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/61721122322_ZulkifliHasan.jpg)
Kerajaan pandang serius penularan ideologi liberalism, pluralism
Kerajaan sentiasa memandang serius terhadap penularan ideologi dan aliran pemikiran yang bercanggah dengan ajaran Islam seperti ideologi liberalism dan pluralism agama.
![Anda kini boleh uji iOS 18 Public Beta Anda kini boleh uji iOS 18 Public Beta](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/41721100842_iOSPublicBeta.jpg)
Anda kini boleh uji iOS 18 Public Beta
Walaupun iOS 18 Public Beta sedia dimuat turun, ia masih lagi dalam peringkat pembangunan dan ujian.
![Apple sasar permintaan iPhone 16 lebih tinggi tahun ini, selari pengenalan integrasi AI Apple sasar permintaan iPhone 16 lebih tinggi tahun ini, selari pengenalan integrasi AI](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/81719026701_tbAppleIntelligence.jpg)
Apple sasar permintaan iPhone 16 lebih tinggi tahun ini, selari pengenalan integrasi AI
Apple turut menyasarkan pendapatan tahunan 2024 yang lebih tinggi, selari pengenalan ciri kecerdasan buatan pada sistem operasi mereka.
![Peranti IoT baharu Apple untuk rumah tertiris dengan cip A18 Peranti IoT baharu Apple untuk rumah tertiris dengan cip A18](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-07/71720154048_tbAppleA.jpg)
Peranti IoT baharu Apple untuk rumah tertiris dengan cip A18
Peranti ini dikatakan akan berada dalam kategori yang sama dengan HomePod dan Apple TV iaitu aksesori untuk rumah.
![Apple dijangka mulakan pengeluaran AirPods dengan kamera inframerah menjelang 2026 Apple dijangka mulakan pengeluaran AirPods dengan kamera inframerah menjelang 2026](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2023-09/81694917770_Airpods.jpg)
Apple dijangka mulakan pengeluaran AirPods dengan kamera inframerah menjelang 2026
Mengikut laporan awal, ia dikatakan akan diintegrasikan bersama penggunaan Vision Pro sekali gus memberikan pengalaman yang lebih baik kepada pengguna ketika memakai set kepala tersebut.
![Suruhanjaya Eropah lancar siasatan ke atas App Store Suruhanjaya Eropah lancar siasatan ke atas App Store](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/61719225623_EuropeanCommission.jpg)
Suruhanjaya Eropah lancar siasatan ke atas App Store
Suruhanjaya Eropah akan meneliti amalan gergasi teknologi itu mengenakan bayaran kepada gedung aplikasi alternatif dan pembangun aplikasi setiap kali pengguna iPhone memasang perisian mereka.
![Apple, Meta bincang kerjasama penawaran kecerdasan buatan Apple, Meta bincang kerjasama penawaran kecerdasan buatan](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/81719026701_tbAppleIntelligence.jpg)
Apple, Meta bincang kerjasama penawaran kecerdasan buatan
Antara perkara yang dibincangkan adalah mengintegrasikan model kecerdasan buatan yang dibangunkan Meta terus ke sistem Apple Intelligence.
![Microsoft kembali atasi Apple, NVIDIA sebagai syarikat paling bernilai di dunia Microsoft kembali atasi Apple, NVIDIA sebagai syarikat paling bernilai di dunia](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/81719200626_Microsoft.jpg)
Microsoft kembali atasi Apple, NVIDIA sebagai syarikat paling bernilai di dunia
Microsoft berada di kedudukan teratas dengan nilai pasaran $3.343 trilion (RM 15.75 trilion), dengan Apple di tangga kedua dengan nilai $3.191 trilion, dan NVIDIA pula dengan nilai $3.113 trilion.
![Apple Store pertama di Malaysia guna tenaga lestari sepenuhnya Apple Store pertama di Malaysia guna tenaga lestari sepenuhnya](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/51718860047_AppleStore.jpg)
Apple Store pertama di Malaysia guna tenaga lestari sepenuhnya
Ia akan dibuka secara rasminya pada 22 Jun ini, sekali gus memudahkan pengguna tempatan mendapatkan pelbagai produk Apple.
![NVIDIA atasi Microsoft sebagai syarikat paling bernilai NVIDIA atasi Microsoft sebagai syarikat paling bernilai](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/51717639416_NVIDIA.jpg)
NVIDIA atasi Microsoft sebagai syarikat paling bernilai
NVIDIA, Microsoft dan Apple kekal sebagai syarikat yang mempunyai nilai pasaran melebihi $3 trilion.
![Apple fokus pembangunan iPhone 17 yang lebih nipis untuk 2025 Apple fokus pembangunan iPhone 17 yang lebih nipis untuk 2025](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2024-06/81718597559_iPhoneApple.jpg)
Apple fokus pembangunan iPhone 17 yang lebih nipis untuk 2025
Apple dijangka memperkenalkan peranti-peranti lain yang nipis dalam tahun-tahun akan datang.