DHS issues security alert against US Mobile Carriers

46

The Department of Homeland Security (DHS) has issued a warning that the phones sold by popular US telecom carriers are deeply flawed and could unknowingly expose sensitive data to hackers. This includes those running Android and a few iOS devices- which strictly indicate that those from the Apple iPhone series are also flawed.

A research conducted by Virginia based mobile security firm Kryptowire and funded by the Critical Infrastructure Resilience Institute, a DHS unit has confirmed the news.

Vincent Sritapan, a program manager at the DHS Science and Technology Directorate has disclosed that the flaw allows hackers to gain privileges and controls to take over the device and sneak into the data, emails, and text messages located on the victimized device.

DHS has failed to notify the manufacturer names of the devices sold by the popular mobile carriers. But the law enforcement department has openly confessed that all the millions of phones locked in a contract to Verizon, AT&T, T-Mobile, and Sprint are vulnerable to hackers.

Already the manufactures whose handsets are vulnerable have been informed about the flaw by DHS. The team is expected to release the names of the phones later this month after getting a confirmation from OEMs to make the matter public.

Note 1- A similar research promoted DHS to release a press statement last year to ban Blue phones last year. Amazon immediately acted upon the issue by blocking the sales of Blue phones through its website. Later, a press statement released by BLUE said that the flaw was a false alarm and was the work of some forces to tarnish their image in the market.

Note 2-Early this week, a Meltdown flaw- more concerned to the data processed by the mobile phone CPUs was discovered on Samsung Galaxy S7 devices. Samsung immediately issued a press statement by saying the fix for the flaw was available on its website since January this year and in July a more simple and sophisticated fix was made available to those who still haven’t patched their mobiles.

SHARE
Naveen Goud is a writer at Cyber Security Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security