The rich are different, but their smartphones aren’t
The world might be turning to technology to solve everything from traffic to dating, but no one app or gadget will save the rich and famous from falling prey to cyberattacks, according to digital security experts.
Tech giants spend millions of dollars every year to protect their top executives from all kinds of physical threats. Facebook allotted almost $20 million in 2018 for protecting CEO Mark Zuckerberg and his family at his residences and during travel. In 2017, Apple CEO Tim Cook started using private jets paid for by the company because of safety concerns.
But when a report concluded that Amazon CEO Jeff Bezos’ phone was hacked, it shifted people’s attention to how high-profile people protect their cybersecurity.
“There’s no perfect tech control against cyberattacks,” said Roger Grimes, a security expert at KnowBe4 who trains its customers to raise cybersecurity awareness. High profile individuals are more vulnerable because they have less time for training but are exposed to more attacks, he said.
The rich and famous also can’t buy phones that are more secure than the average, said Mark Nunnikhoven, vice president of cloud research at software security firm Trend Micro.
“The level of technology has become so advanced for everyone that there’s no special class of phones that only the elite have access to,” he said.
Companies looking to protect their top brass have started paying more attention to digital security over the past two years.
Aamir Lakhani, a researcher at IT security firm Fortinet, said the focus has normally been on corporations’ own network, which includes teaching executives how to spot fraud in work emails.
Some smartphones use software that spots and removes malware, as well as web filtering tools that prevent employees from accessing websites that could be harmful. But firms can do more.
“I don’t think they’re really taking it to the point that they’re telling their execs that, ‘Hey, these threats are on you all the time. You have to be aware,'” Lakhani said. “They’re hoping some tech solutions will solve that, but it’s not going to.”
That’s because attacks like the one Bezos’ suffered “are designed specifically to get around the tech solutions,” Lakhani said.
The Amazon founder’s phone was hacked in May 2018 after receiving a WhatsApp message from Saudi Crown Prince Mohammed bin Salman with a video file, according to an analysis of the attack. Saudi Arabia has denied the accusations.
Smartphone users are conditioned to quickly reply to instant messages, which might lower their guard.
In 2018, Amazon spent $1.6 million on security for Bezos, according to filings with the US Securities and Exchange Commission. But the company did not disclose how much went toward digital safeguards.
Taking cover
“Are you an executive with billion-dollar business information on your phone? There might likely be an adversary willing to invest significantly to obtain it,” said Rod Soto, a cybersecurity researcher.
That’s why well-known individuals should take steps beyond the recommended security measures for the average Joe. All smartphone users should turn on automatic software updates, create strong passwords and have their devices lock after 30 seconds or a minute of being idle, among other actions, Nunnikhoven said. Backing up data to the cloud is also key.
On top of that, executives and celebrities should reset their phones every couple of months, he suggested.
“If anyone did compromise your phone, you’re wiping their foothold and they’re going to have to hack back in,” Nunnikhoven said. “For a normal person that’s kind of extreme, but for a high profile individual that threat factor is different.”
Famous people should also avoid downloading newly-launched apps and be “hyper aware” of how much information they allow apps to access. Soto also suggested having a phone just for travel and not putting any personal information on it.