Technology
You may still need a feature phone for safe calls, SMSes
New Delhi, Nov 24
In the wake of reported snooping attacks on smartphones owned by people who matter (WhatsApp-Pegasus spyware being the latest example), making that humble feature phone your secondary companion wont be a bad idea as it still has a smaller attack surface.
The feature phone in your pocket can be used for basic calling and texting requirements, keeping you away from the prying eyes of nation-state bad actors or individual hackers looking to spy on your data, as the device will be free of third-party apps that open possibilities of "backdoor" entry by hackers who exploit vulnerabilities lurking in the operating system and codes.
Smartphones today present more danger than ever. Researchers have found vulnerabilities that impact the camera apps of Android-based smartphones, presenting significant implications to hundreds of millions of smartphone users.
Reports also surfaced that hackers may use a critical vulnerability in WhatsApp to execute snooping attack on both Android and iOS devices via sending a downloadable MP4 file.
According to Prateek Bhajanka, Senior Principal Analyst at Gartner, it is high time that we acknowledge the fact that nothing is inherently secure, and 100 per cent security is unattainable and impractical.
"Yes, a feature phone has a smaller attack surface compared to smartphones, but it does have an attack surface. Large scale attacks leveraging SS7 vulnerabilities have come to light, which feature phones are subject to," Bhajanka told media.
An SS7 attack is an exploit that takes advantage of a weakness in the design of SS7 (signalling system 7). While the SS7 network is fundamental to cellphones and its operators, the security of the design relied entirely on trust.
The fact is: We do not read or hear security breaches in feature phones often because smartphones are goldmines for data when it comes to people of importance -- politicians, journalists, judges, celebrities, key members of the civil society and more.
Sanjay Katkar, Chief Technology Officer of cybersecurity firm Quick Heal, said that cybersecurity awareness and adoption in India, particularly among smartphone users, is extremely poor.
"Very few smartphone users have any security solution installed on their mobile devices. Most users also don't follow basic security hygiene, such as applying software patches and updates, and often click on suspicious links without verifying their veracity," Katkar told media.
This leaves Indian smartphone users vulnerable to threats in the cyberspace.
"With the global threat landscape evolving at a rapid pace, cyber-attacks are becoming more sophisticated. There will be more advanced threats to target smartphones, making these devices sitting ducks for such attacks," he warned.
Tarun Pathak, Associate Director at Counterpoint Research, said that people would not switch device segment for security.
"There are still many basic things within a smartphone which people don't know that can prevent them from being exposed to malware or fix the security issues (like software and security updates).
"In a mobile-first country like India, security is an elephant in the room and is one area which users still don't rate high in terms of preference and there is lack of awareness on that front," Pathak told media.
Moreover, said Bhajanka, implementing security or fixing security weakness in feature phones is all the way more difficult as embedded operating systems are difficult to patch and security vendors aren't actively offering security products for feature phones.
"Also, the feature phones may relatively be more secure than smartphones, but they can't be immune to state or nation-sponsored attacks or snooping which Pegasus is an example of," Bhajanka informed.
The only option that remains, added Katkar, is to be wary of cyber-attacks and follow robust security hygiene to counter the growing risk.
"One must strike the right balance between security and convenience, and smartphone users should be more aware of security hygiene practices such as -- do not download apps from illegitimate sources or publishers, do not click on weird links, have a passcode, etc.," advised Bhajanka.
However, trying a feature phone as an additional device won't be a bad idea, as it still remains a low-target, low-profile device.
The feature phone in your pocket can be used for basic calling and texting requirements, keeping you away from the prying eyes of nation-state bad actors or individual hackers looking to spy on your data, as the device will be free of third-party apps that open possibilities of "backdoor" entry by hackers who exploit vulnerabilities lurking in the operating system and codes.
Smartphones today present more danger than ever. Researchers have found vulnerabilities that impact the camera apps of Android-based smartphones, presenting significant implications to hundreds of millions of smartphone users.
Reports also surfaced that hackers may use a critical vulnerability in WhatsApp to execute snooping attack on both Android and iOS devices via sending a downloadable MP4 file.
According to Prateek Bhajanka, Senior Principal Analyst at Gartner, it is high time that we acknowledge the fact that nothing is inherently secure, and 100 per cent security is unattainable and impractical.
"Yes, a feature phone has a smaller attack surface compared to smartphones, but it does have an attack surface. Large scale attacks leveraging SS7 vulnerabilities have come to light, which feature phones are subject to," Bhajanka told media.
An SS7 attack is an exploit that takes advantage of a weakness in the design of SS7 (signalling system 7). While the SS7 network is fundamental to cellphones and its operators, the security of the design relied entirely on trust.
The fact is: We do not read or hear security breaches in feature phones often because smartphones are goldmines for data when it comes to people of importance -- politicians, journalists, judges, celebrities, key members of the civil society and more.
Sanjay Katkar, Chief Technology Officer of cybersecurity firm Quick Heal, said that cybersecurity awareness and adoption in India, particularly among smartphone users, is extremely poor.
"Very few smartphone users have any security solution installed on their mobile devices. Most users also don't follow basic security hygiene, such as applying software patches and updates, and often click on suspicious links without verifying their veracity," Katkar told media.
This leaves Indian smartphone users vulnerable to threats in the cyberspace.
"With the global threat landscape evolving at a rapid pace, cyber-attacks are becoming more sophisticated. There will be more advanced threats to target smartphones, making these devices sitting ducks for such attacks," he warned.
Tarun Pathak, Associate Director at Counterpoint Research, said that people would not switch device segment for security.
"There are still many basic things within a smartphone which people don't know that can prevent them from being exposed to malware or fix the security issues (like software and security updates).
"In a mobile-first country like India, security is an elephant in the room and is one area which users still don't rate high in terms of preference and there is lack of awareness on that front," Pathak told media.
Moreover, said Bhajanka, implementing security or fixing security weakness in feature phones is all the way more difficult as embedded operating systems are difficult to patch and security vendors aren't actively offering security products for feature phones.
"Also, the feature phones may relatively be more secure than smartphones, but they can't be immune to state or nation-sponsored attacks or snooping which Pegasus is an example of," Bhajanka informed.
The only option that remains, added Katkar, is to be wary of cyber-attacks and follow robust security hygiene to counter the growing risk.
"One must strike the right balance between security and convenience, and smartphone users should be more aware of security hygiene practices such as -- do not download apps from illegitimate sources or publishers, do not click on weird links, have a passcode, etc.," advised Bhajanka.
However, trying a feature phone as an additional device won't be a bad idea, as it still remains a low-target, low-profile device.
13 seconds ago
Trump denies reports of Israel sharing information on alleged Iranian assassination plot
4 minutes ago
India discusses strengthening relations with premier of Newfoundland and Labrador
5 minutes ago
China erasing Tibetan identity: ICT
6 minutes ago
Ceasefire with Iran over, talks to continue: Trump
7 minutes ago
Retailers' association seeks CCI probe into Flipkart over alleged unfair practices
8 minutes ago
Dept of Posts, TRAI to carry out telecom network performance survey across 5.68 lakh villages
8 minutes ago
Bank deposit surge in India indicates stronger capital flows, upbeat Q1 outlook
10 minutes ago
High alcohol-containing formulations to require licenses, prescription: Govt
12 minutes ago
Central Mini Ratna PSU HLL broadens population health role
13 minutes ago
Six women die after C-sections in Bhilwara, two in Banswara; Gehlot seeks central probe
14 minutes ago
FIFA WC: I still cannot believe what I am experiencing, says Spain's Merino
15 minutes ago
FIFA WC: Luis de la Fuente hails Spain's team spirit after bold selection calls pay off in semis win
16 minutes ago
FIFA WC: Norway coach Solbakken urges team to "be ourselves" against England
