Vault 7 and your device

I just wanted to do a quick update on this. If you were not already aware, wiki leaks has leaked just part of a much larger leak on a CIA malware spying suite that affects everything from Smart TVs, to Android phones. Windows included, and Samsung Smart TVs, and also wearables. And worse, the malware arsenal, as its being called, has been leaked itself – it’s out there somewhere able to be used by anyone. To spy on you using your devices camera or microphone, or tap into your encrypted data and private messages. Huge news.

There are two major security flaws in the iOS and Android operating systems. Firstly, WiFi – the network packets are large, and thus passwords can be easily sniffed, unlike a Windows or Blackberry device which are more secure internally on a network. Secondly, malware – because the operating systems themselves have very locked down permissions, attacks usually come in the form of e-mail links, fake apps, and other “Trojans” that use your interaction to gain access to the device. They exploit the user, rather than the OS.

Such is the case with the Vault 7 CIA suite.

So, what can you do to protect yourself from malware and hackers?

1)      Do not use public Wi-Fi, and if you do, use a well known VPN service – protect those passwords.

2)      Do not download unknown apps – look into the permissions you are granting them, who makes the app, be suspicious. Just because it’s in your OS’s “app store” doesn’t mean its safe.  There are on record fake apps that have been found in the Play store and the Apple store.

3)      Do not click on random links from strangers in e-mail

4)      If you use Android, the most well rated app, according to third party testing in Germany on malware is Bitdefender Mobile Security. If you want a free option Avast Mobile Security is also very good according to those same Android virus testers “AV-TEST”.  

5)      If you get really paranoid use end to end encryption apps and white list your devices on your home Wi-Fi router.

There is no doubt in my mind, with all the sensitive data phones contain, that one day everyone will run virus software on their phone. Its a fact that malware on mobile devices is increasing over time. Desktop OSs have been around for decades. Hackers and virus makers on mobile platforms are just getting started. It’s true the OS makers plug leaks, and that mobiles are more secure than Desktops, but that doesn’t stop the Trojan threat.

Unfortunately if you are on iOS, the OS doesn’t give enough permissions to allow a piece of anti-malware software do what it needs to do – so you are stuck waiting for those updates from Apple.

Good news is Wiki leaks are sharing the larger leaks with the OS makers first – so there will be coming updates to everyone soon, to plug the security holes. In the meantime, now might be a timely occasion to either update your virus checker and do a thorough scan, or get one if you haven’t already. If your on Windows, Windows defender does a pretty good job, especially if its up to date, but it doesn’t hurt to also run “Malware bytes”, with often finds a few left overs and vice versa.