A smartphone hack is something that seems far away from us, but it may happen to any of us. Amazon CEO Jeff Bezos, one of the richest people in the world, had experienced smartphone hacks recently. On the afternoon of May 1, 2018, Amazon CEO Jeff Bezos received a message from WhatsApp. The account that sent this message was actually owned by Mohammed bin Salman, Crown Prince of Saudi Arabia. Bezos and Salman used to communicate through WhatsApp, and Bezos received a message from Salman. The message was a video with Saudi and Swedish flags and Arabic text. This video file of about 4.4M is actually not a simple video as there was a piece of independent code that is only about 14 bytes hidden. This code is likely to be implanted with malicious and toxic software, which can allow attackers to directly access Bezos’ entire package Mobile phone, including his personal photo album and private newsletter.
If you want to avoid having your own company’s CEO be the star of a similarly sleazy story, then there are certain things that you can do to protect your C-level executives from such cyber attacks. Of course, no one is completely safe though, the risk can be minimized. Here are some suggestions for executives:
- Using hardened Android devices while traveling through regions where the mobile network operators should be considered hostile actors.
- Moving away from the use of WhatsApp is key, as there are more attacks than ever flowing through that platform.
- Being aware of social engineering as it is on the rise and can enable a criminal to circumvent even the most stringent security measures with the help of their unwitting target.
- Making sure C-level staff have clear escalation channels for checking and reporting potential attacks.
LIFARS provides highly focused skill training and practical experience to address the cyber workforce security needs for your organization. Our program is a flexible curriculum in scope, length, and content to suit the particular needs of our clients. Training can be administered in half-day, full-day, or multiple-day training sessions; online or on-premises sessions. Executive training is one of the areas we specialize in.
Contacting LIFARS is Your Next (First?) Step for Handling Cyber Incidents.