How can you tell if your phone has been compromised?
“There are a number of different ways,” said Gregg Smith, CEO, KoolSpan, in an interview with Mobile Enterprise. One of the most notable is when weird text messages appear. These are basically gibberish, and usually arrive from unknown sources. In this case, Smith advises the user to look for the opt-out capability on the text message, and shut it down. (Sometimes the messages simply say “stop.”) And if that doesn’t work, call the wireless carrier immediately.
In other cases, a user won’t notice a problem until they receive a bill and realize he or she has sent out a ton of premium SMS messages. The hacker is getting paid to send out such texts. (Known as “Toll Fraud,” this is more common in Eastern Europe than the U.S.)
However, what should be noticeable is when a battery starts to drain very quickly without reason—like the device was previously dropped, came in contact with water, etc. If this occurs, watch the device in real time, Smith says. At the top right-hand side of every smartphone are the signal strength bars. If you have really good coverage, but then suddenly see “GSM” appear, there is a “real high probability that the phone is compromised.” KoolSpan’s own chief technology officer had this happen recently while in an airport’s club card lounge.
“When that happens, instantaneously take the battery out,” Smith said.
Airport lounges, like other public spots such as hotels and tradeshows, are great places for hackers because many devices are hopping on to an unsecured network and few users are paying attention to how they are accessing it. “No one reads the terms and conditions,” Smith said. Therefore, this becomes a significant opportunity to accidentally accept malware.
And although there have not been any reported incidents of hackers targeting the public charging stations themselves, Smith sees this as a likely scenario in the future, as cyber thieves try anything and everything to find money, or someone in the business world to obtain sales/product intellectual property.
Raise Awareness/Get Proactive
Typically, an individual, and unfortunately, even an enterprise, does not proactively protect a device; rather, it becomes an after-the-fact response. But since the NSA/Snowden case blew up in the media, people have become alarmed and are taking action on their own. As a result, KoolSpan has seen great demand from end-users and an uptick in small business owners since that event.
The search term that brings the most visitors to the company’s site is "How can I tell if my phone is being tapped?"
KoolSpan, which primarily worked with governments and enterprises, and mobile partners such as S-1, a Samsung company, decided to provide its turn-key solution for individuals in response to this demand. The TrustChip, a small microSD the size of a fingernail, can be placed in a smartphone or laptop.
The encryption engine allows a variety of applications to run with a heightened level of security, from secure calls and text messaging to file-sharing. In addition, through a software kit which leverages the chip, any mobile app can be secured.
There are areas around the world that are higher risk when it comes to invading privacy. China, for example, starts tracking visitors as soon as they arrive. “When you land on the ground at the airport, a user must agree to this and that,” Smith explained. “The government, through the wireless carriers is likely starting to track you. And probably intercepting the entire time you are there.”
Other dangerous hotspots include Eastern Europe, the Middle East and Latin America. However, it can happen anywhere, Smith said. “It could happen in New York, it can happen in LA. It’s no longer the kid in a dark room trying to hack a computer. It can be our adversaries or even our friends to the U.S., organized crime, other companies, etc. Regardless of who is doing it— it’s happening.”
End-User to Enterprise
The Ashcroft Law Group, founded by Former Attorney General John Ashcroft, has recently decided to deploy TrustChips to attorneys. (The firm does not necessarily provide devices to attorneys, but will provide the chip.)
“In our business, advanced security is a must,” said Lori Sharpe Day, Managing Partner, Ashcroft Law Group, in a company statement. “Our team has worked with government leaders and corporate executives around the world to respond successfully to some of the most serious security threats, financial crises and litigation challenges of the past two decades.”
“As digital communications become ubiquitous, this increasingly includes the integrity of the information entrusted to us by our clients, and the work we do on their behalf via voice and data communications,” she said.