The Cybersecurity and Infrastructure Security Agency (CISA) has released comprehensive guidelines for protecting mobile communications of high-value government targets, responding to vulnerabilities exposed by the Salt Typhoon telecom breach affecting SMS, MMS, and RCS communications. The guidance follows CISA’s previous joint advisory with the FBI highlighting critical vulnerabilities in cross-platform messaging.
The new guidance strongly recommends using end-to-end encrypted messaging applications such as Signal and Telegram for both Android and iPhone platforms. “Encryption is your friend,” said Jeff Greene, CISA’s executive assistant director for cybersecurity, noting that encrypted data remains protected even if intercepted. The recommendation supports CISA’s broader initiative to strengthen federal civilian agencies’ digital security posture.
CISA’s recommendations include implementing hardware-based solutions like DataShielder NFC HSM Defense for sovereign-grade encryption, specifically designed to counter threats such as Salt Typhoon. The agency also advises regular auditing of telecom protocols including SS7 and Diameter to address potential vulnerabilities, building upon previous guidance developed with the NSA for securing network infrastructure.
The guidelines advocate for multi-factor authentication (MFA) while cautioning against SMS-based authentication due to its vulnerability to interception. Organizations are urged to conduct regular penetration testing of telecom infrastructure to proactively identify and resolve security weaknesses. The recommendation carries particular weight given recent high-profile breaches targeting SMS-based authentication systems.
“Your communications are end-to-end encrypted every single time,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation (EFF), reinforcing the importance of encrypted apps like Signal or WhatsApp. The emphasis on encryption follows multiple documented cases of state-sponsored surveillance targeting unencrypted communications.
The directive specifically addresses high-value government targets, including presidential campaign officials, focusing on hardening communications against interception by state-sponsored groups. Greene acknowledges that while no single solution eliminates all risks, implementing these best practices significantly enhances communication security. The guidance complements CISA’s recent cloud security directive for federal agencies.
Additional recommendations include employee cybersecurity awareness training and adherence to international cybersecurity frameworks. The guidance emphasizes a multi-layered approach to security, combining technological solutions with operational best practices, reflecting CISA’s comprehensive strategy for protecting critical infrastructure and sensitive communications.
Sources: Freemindtronic, CyberScoop, NPR News