Cyber Security News

CISA Released Secure Mobile Communication Best Practices – 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China (PRC)-affiliated threat actors.

These malicious actors have been targeting commercial telecommunications infrastructure to intercept call records and compromise the private communications of highly targeted individuals, including senior government officials and political figures.

The guidance, titled “Mobile Communications Best Practice Guidance,” outlines robust recommendations to enhance the security of mobile communications. While the advice benefits all users, it specifically focuses on protecting individuals who are likely to hold sensitive information of interest to cyber threat actors.

Key Highlights of the Guidance

CISA strongly advises individuals, particularly those at high risk of targeting, to assume that all mobile communications—whether on government or personal devices—are vulnerable to interception.

Although no single solution entirely eliminates risk, CISA emphasizes that adopting the outlined best practices can significantly enhance protection.


General Recommendations for All Users

Here is a table summarizing the recommendations:

| Recommendation | Details |
|---|---|
| Adopt FIDO Authentication | Enable phishing-resistant, hardware-based FIDO methods like Yubico or Google Titan security keys. Gmail users should enroll in Google’s Advanced Protection Program. |
| Use End-to-End Encrypted Messaging Apps | Opt for secure messaging platforms like Signal, which feature end-to-end encryption. These apps offer enhanced privacy options such as disappearing messages while supporting text, voice, and video communication across different platforms. |
| Avoid SMS-Based MFA | Migrate to safer alternatives like FIDO authentication or authenticator apps, as SMS MFA is vulnerable to interception and phishing. |
| Use a Password Manager | Store complex passwords securely, receive alerts for weak or compromised passwords, and generate unique credentials. |
| Set a Telecom PIN | Add an additional PIN to mobile carrier accounts to reduce risks from SIM-swapping attacks. |
| Update Mobile Software Regularly | Ensure operating systems and apps are up to date by enabling automatic updates. |
| Use the Latest Mobile Hardware | Upgrade to the most recent devices to ensure critical security features are available. |
| Avoid Personal VPNs | Limit VPN use to organizational requirements to avoid increasing the attack surface. |

iPhone-Specific Recommendations

  • Enable Lockdown Mode to limit exploitable attack surfaces.
  • Disable SMS fallback for iMessage.
  • Use iCloud Private Relay to enhance privacy by masking IP addresses and encrypting DNS queries.
  • Restrict unnecessary app permissions, such as camera and microphone access.

Android-Specific Recommendations

  • Choose devices from manufacturers with long-term security update commitments and features like hardware-level security modules.
  • Use Rich Communication Services (RCS) with end-to-end encryption where available.
  • Configure Private DNS to use a trusted provider such as Cloudflare or Google, and enable Safe Browsing features in Chrome.
  • Regularly monitor Google Play Protect for malicious app detection and restrict sensitive app permissions.

A Broader Push for Cybersecurity Awareness

In addition to offering detailed technical instructions, CISA highlights the importance of reporting cyber incidents. Individuals and organizations can report threats or breaches by contacting CISA via phone, email, or its online portal.

This guidance reflects growing concerns about targeted cyberattacks on critical infrastructure, particularly in telecommunications, where vulnerabilities can have widespread implications.

By implementing these recommendations, CISA hopes to reduce risks for highly sensitive individuals and mitigate future threats from sophisticated adversaries.


Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
