In response to a significant cybersecurity threat, the U.S. government has issued urgent guidance for senior government officials and politicians to abandon traditional phone calls and text messages in favor of more secure communication methods. This directive comes in the wake of major intrusions into American telecommunications companies, allegedly carried out by Chinese hackers.
On Wednesday, December 18, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released a set of best practices for mobile device usage, specifically targeting individuals in high-ranking government and political positions. The primary recommendation emphasizes the immediate adoption of end-to-end encrypted communications.
End-to-end encryption, a robust data protection technique, is available in various popular messaging apps such as WhatsApp, Apple’s iMessage, and Signal. Corporate solutions like Microsoft Teams and Zoom also offer this level of security for their users. This technology aims to ensure that only the intended sender and recipient can access the content of their communications.
The urgency of this guidance stems from recent cyberattacks attributed to a group known as “Salt Typhoon,” which U.S. officials claim is operated by the Chinese government. These hackers reportedly compromised at least eight telecommunications and infrastructure firms in the United States, resulting in the theft of metadata from a large number of American citizens.
The government’s recommendation to shift away from traditional phone networks for official communications underscores the severity of the situation.
Additional recommendations from CISA include avoiding text message-based one-time passwords commonly used by banks for verification and implementing hardware keys to protect against phishing attacks. Cybersecurity professionals stress that these measures are crucial not only for protection against Chinese actors but also for safeguarding against a wide range of potential threats from various malicious entities.