Mobile devices in Downing Street and the Foreign Office were targeted in the latest in a series of high-profile cyber attacks against the UK.

As the NCSC has been searching for infected smart devices, the PM’s phone has been tested for malware, and it is suspected that the UAE was probably behind the Pegasus hack on Number 10.

Software developers and cyber security professionals across the UK have stepped up their game, with frequent updates.

However as John Davis, Director UK & Ireland, SANS Institute, EMEA, explains, users also need to be on alert:

“Mobile spyware is another tool in a cybercriminal’s kit that may be used to steal valuable information from a victim. Pegasus and Flubot variants both have seemingly simple attack vectors, but the outcomes can cause serious damage. Downing Street falling foul of targeted hacking software reminds us that even the Government isn’t safe from such cyber assaults.

“Contrary to popular belief, mobile malware less often relies on zero-day vulnerabilities, but more commonly leverages known, reported security loopholes, hoping to target unpatched systems or applications, to infiltrate and wreak havoc on mobile devices. Mobile users need to be wary of suspicious SMS/iMessage notes, or mechanisms around “overlay” applications. These are designed to look like legitimate applications, but instead contain trojans developed to steal user data to send to malicious third parties.

“When it comes to mobile defence, there are multiple strategies to explore. A device’s manufacturer often provides the first line of protection with hardware upgrades. Alongside this, users can take data protection into their own hands and leverage mobile device management (MDM) for additional protection on their mobile devices. MDM provides administrator-level capabilities for mobile devices and is often used by agencies and corporations that provision and manage the wellbeing of devices for a group of users. MDM can control jailbreak/root detection, remote wiping of a device or application, password locks and applications updates.

“Ultimately, end users should remember best practices they learned on other digital platforms and keep up good habits when accessing, storing, and utilising sensitive information on mobile devices. Users should also be reticent to not relax or adjust in-built security settings, as doing so opens up devices to vulnerabilities. Keep your devices current and updated and adhere to the security settings already in place to make for a safer overall experience. If there are red flags, don’t ignore them – valuable information flows on phones every day, so if cybercriminals can access this, then it can potentially spell disaster for individuals or companies.”

About John Davis

John is Director of UK & Ireland at SANS Institute, the most trusted and by far the largest source for information security training and security certification in the world. John is recognised for his performance in sales and leadership, playing a decisive role in business development. John’s main focus is delivering on SANS Institute’s founding mission to protect people and assets through sharing cybersecurity knowledge and skills, which is a vision front-and-centre in the company’s growth roadmap.