Is my smartphone hacked - what can I do to protect?

Smartphones have become our basic necessity to communicate and get "close" with our family, peers and even bosses. Life without them would not be bearable. On the darker side of the internet, hackers are targeting victims by attacking their closest asset - your smartphone is one of the easiest conduits to reach out to you.

Understanding and Assessing your Risk Profile

Some questions that we need to answer to better protect the phone and ourselves against hackers.

• What are the channels accessible through the smartphone?
• What are the threat and risk that the smartphone is exposed to? 
• What are the tell tales and red flags to look out for? 
• How can we better protect ourselves to minimize our risk exposure? 
• What do we need to remind ourselves to stay vigilance and be alert on?
• What are the other areas to reduce our online footprint?

Before we see how we can better put up a defense against hackers, we need to understand our weakest links so as to manage the risk and impact if our device gets compromised.

Multiple Entry Channel - Weakest link

Smartphone features have been changing constantly. Any of the below (not limited to these) would become the weakest link for hackers to penetrate and compromise the device.   

1. Communication - Wi-Fi, Cellular networking, VoIP, SMS, and Messaging Chats (use of WhatsApp etc);
2. Network Services using Wireless personal area network interfaces - Bluetooth, Near-field comms; 
3. Global Position System to enable location services 
4. Recording feature - Digital Camera, Video & Voice recording 
5. Data Storage - Native (non-removable) device store and external card storage like MicroSD
6. Apps & Internet - Use of Social Network (Facebook, Twitter, LinkedIn, etc), eService (Banking apps, etc)
7. Email service -  Use of Email client for Enterprise (Outlook etc) and Personal email (Yahoo, Hotmail etc)
8. Data synchronization - Built-in to sync with desktop or laptop, Enterprise servers, telecommunication servers, any other 3rd party service providing an update to device and apps etc 

Threats that we faced - Impact & Implication

It is not just hackers that are a threat, there are far more. Below are 3 key ones that are of concern. 

• Malicious codes - Malware infecting the device due to visiting of compromised websites or the device has not been patched,Spyware or Fake applicationrecording the user activity in the background silently. Some spy software is programmed only to send data at various times.

• Mobile Cellular Provider - Communication using 3G/4G (and upcoming 5G) is not all in private as these channels may still face interception (insider). Even basic DNS requests and records of what sites you have been browsed are in the log which can be retrieved back in the event there are law enforcement requirements.

• Supply chain - Counterfeit phonesor Spoofed hardware may be planted into the smartphone with a backdoor (firmware, hidden admin accounts) deeply rooted and embedded beneath the mobile operating system. 

With the successful attack and penetration of our smartphone, our privacy will be in jeopardy. Hackers are likely to know where we stay and visit most often, what we are doing and who are our loved ones and working partner. Even our online identity and persona can be spoofed and misused to run their evil errands. The latter may damage an individuals (or even Enterprises) reputation and leakage of information will be a costly experience.  

Put Up a Strong Defence

Adopt a 4 "I" strategy as a form of self-defense regime. It will not be a once off exercise and we have to build it into our daily life in using the smartphone safely and securely.

Identify the Tell Tales Signs & find out if your phone has been hacked

• Battery gets hot and has signs of being drained off - Happens even if not many applications are open or even left alone, battery levels drop drastically though you have been charging diligently and the battery is not faulty)

• Unexpected Shutdown & Background noises  - Happens randomly though there is no pressing of the power up button. There is also echo feedback when you are talking over the phone, seem like someone can listen to your calls.)

• A sudden change in experience  - Happens with an increase of pop-up advertisement though you have not been installing any unknown apps, the call, and data usage is also surging without making sense like you are on holiday and not using the phone but yet the phone bill charges tell otherwise. 

• Strange Message received - Happen to be getting odd looking text messages, usually with just numbers and symbols. There may be some programs that use SMS texts (or chats) to issue commands to your phone). 

• Jailbroken Phones (Apples) or Rooted (Android) - Happen for no reason that you know, found some strange folder created with typical jailbreak toolkits like Cydia or Icy. If someone wants to monitor your device, they will most likely need to make your phone "root admin accessible" first. 

Internalise the regime of upholding Cyber Hygiene

• Install (where possible) a Mobile version of an anti-malware application to help check for any anomalous attempts to break the device and there are security apps that go beyond a typical anti-virus such as Zimperium Mobile threat preventionthat detect and block dirty works that tamper with your system files, cryptographic certificates and exploitation attempts on known vulnerability yet to be patched.  

• Keep the device updated to the latest working version. Often it is the apps that need to be updated rather than the device firmware, but if the latter does start to prompt you (through your trusted clean phone companion application in the laptop or self-check), do get the patch complete as early as possible. Always backup your file. The patch software should prompt you for that (but do not just depend on it and always maintain a good latest working backup).

• Encrypt your data and storage card, most tend to forget the latter. In the event of a confirmed device loss, you may consider sending a remote wipe command so that your data stays safe from leaking out to others. It is of best effort as often the wipe command may not be acknowledged as the phone battery went flat or it is not connected online. 
  • Minimally the data stays encrypted and device remains locked. Check out "Find My iPhone/iPad" - good thing is if an iOS device is erased, so long as this setting was active, it can’t be used again without access to the iCloud account password.

Inculcate strong Awareness and maintain high Vigilance

• Switch off the unnecessary interfaces especially Wi-Fi (especially in hot spots where other may be already tapping to the access point unknown to you) and GPS (especially when you are not doing any street directory searching or trying to get a cab which will often need access to where you are). 

• Visit only the reputable apps stores. It is enough to say not to go to a shady store and install unknown apps that you are just curious about but don't really need. Once installed, the malicious app may stay resident and without formatting the whole device you are already being monitored by the attacker in the background.

• Stay alert for phishing emails and do not click on suspicious links in the email client, online advertisement, chat messages or SMS. These are likely spoofed links to try to get their attack kit into the device. If not sure and in doubt, simply delete that message or ignore the pop outs and prompts - don't be tricked and fall into their traps.

• If you need to leave your smartphone unattended and in public, I can tell you straight out that there would be many eyes on it. To install spyware into the phone can be done very quickly, probably in seconds or a minute or more at the most. The silent process can be installed while you're eating and unnoticed, even if you are using the phone, it is that stealthy. 

• Make sure you enable lock screen and (for goodness sake) use a strong password (beware of GrayKey) or put in a biometric "lock" to make sure only your facial or finger is authorized to unlock the device - though they are still possible to be spoofed, but tougher and still serves well as a form of deterrence. 

Institute Proactive Stance to reduce exposure - additional tips

• Use of Burner phones or apps which allow you to create temporary disposable phone numbers. The main reason is to avoid leaving a trace of your phone activity. Stay safe and anonymous but use it for good intentions and don't abuse the use of them. 

• If you go to Settings – Applications – Manage Applications or Running Services, you may be able to spot suspicious looking files. Especially for those that are not having the native language or the app's icon seems different, duplicate or unknown apps name etc

• Good Spy programs usually disguise the file names so that they may not stand out often but sometimes there may still have hints like terms "Spy", "Monitor", "Stealth", "Tech Support", "Admin" or "Hide" etc. A good Android option is Anti Spy Mobile.

• You can monitor your phone's network usage by using your carrier's USSD (Unstructured Supplementary Service Data) codes - check out this guide to learn your carrier's USSD codes

• VPNs and TOR are worthy to be explored to mask out your IP address and make you hard to be traced back, possibly law enforcement have a way to track where your computer is located. But for the hacker, unless it is well planned and targeted, it is going to be difficult to reverse if you are subscribing to such services to get online. 
  • Another fringe benefit is it can give you access to sites that might be blocked in your country - that is not really a reason why these are shared in this article so use wisely and for good reasons.

Reflection in summary

I hope this short article can help to summarise the tips to increase our awareness in protecting our phone and in turn protect ourselves against the hackers. There are more good tips to keep your traces minimal and hard to be monitored.

Stay safe and secure in using your smartphone!