As the threat of international cyberattacks grow, the FBI is warning of a danger that most people are probably not aware exists: texting between different brands of cell phones. Specifically, while iPhone users are safe texting other iPhones, and Android users can securely text other Androids, sending messages between the two devices may be vulnerable to hacking, the feds warn.
Software update to improve cross-device texting opens security flaw
For years, iPhones and other Apple products have not been fully compatible with other companies’ devices, as users notice when texting one another across different companies’ phones. Under pressure from companies like Google, which makes the Android operating system, and Samsung, a major producer of Android phones, Apple recently adopted Rich Communication Services, or RCS, for its phones, making them more compatible with Android phones in features such as text messaging. However, authorities are now warning that this change has left messages sent from one type of device to another vulnerable to hacking. While iMessage for iPhones and Google Messages for Android phones each employ end-to-end encryption, which prevents would-be hackers from accessing the content of messages sent over these programs, messages sent between different programs lack this feature and thus may leave messages vulnerable to being intercepted.
Concerns over alleged hacking by Chinese forces
The growing alarm over message security comes after reports of a major cyberattack campaign this year that has been labeled Salt Typhoon. Federal authorities have stated that the attacks targeted eight American telecommunications companies, including AT&T and Verizon. The attack mostly succeeded in capturing metadata of texts and phone calls — information such as when messages or calls were made and to whom. But for a smaller number of users, many of whom appear to be politicians or government officials, hackers appear to have actually accessed the content of their messages. Federal authorities believe the Salt Typhoon campaign is being waged on behalf of the Chinese government, an accusation that China officially denies, leading American agencies like the FBI to warn cell phone users about the vulnerability of their text messaging in case of future attacks.
More secure messaging options
While the security flaws of RCS remains, what are cell phone users to do? For those who presumably don’t want to text only fellow iPhone or fellow Android users, third party apps like WhatsApp and Signal allow for secure communication across devices; Telegram does as well, but with more limitations. The adoption of RCS is in many ways a response to the growing popularity of these apps, especially WhatsApp, which has dominated international markets and is growing in adoption in the United States as well.
Given the international popularity of WhatsApp and its superior security in sending messages, the growth of this app may be accelerated even more due to concerns about the security of text messaging. Perhaps the competition will push companies like Apple to work faster to fix the security holes that the FBI is highlighting. Until then, concerned customers should think carefully about how they send their messages.
