Jeff Bezos iPhone hacking: How to protect your phone from cyber hackers
Amazon founder and CEO Jeff Bezos' cellphone was reportedly hacked after he opened a message in WhatsApp.
Some people are wondering how hackers tricked the founder of the most valuable brand in the world into watching a video on his iPhone that contained malware.
Two U.N. experts called for an investigation by the U.S. into information they received suggesting Amazon founder Jeff Bezos opened a malware-containing video message on the Facebook-owned messenger WhatsApp that appeared to come from Saudi Crown Prince Mohammad Bin Salman's personal account in 2018.
Check Point, a software company, has conducted extensive research on WhatsApp since 2018 and exposed vulnerabilities in the app that led to scams like this one involving Bezos, as well as updates in the app that have helped fix those vulnerabilities.
"Instant messaging and social media – as we’ve seen in the last three years – these are the mains target today from a phishing attack perspective," Oded Vanunu, Check Point head of product vulnerabilities research, told FOX Business. "We are talking about billions of people using these apps; [they] are used on all types of devices all over the world."
The fiancee of murdered Saudi Arabian journalist Jamal Khashoggi, Hatice Cengiz (fourth from left) and Amazon CEO Jeff Bezos (third from left) attend the opening ceremony of Khashoggi's monument. (Arif Hudaverdi Yaman/Anadolu Agency via Getty Images)
"These apps have become like gates to bad actors," he said, adding there is "a big public market for cyber-offensive vulnerabilities weapons. There are big offensive companies all over the world paying money for these kinds of vulnerabilities."
The bad actors in this situation gained access to Bezos' phone using a method called "phishing." Phishing is a popular hacking technique that tricks people into opening links and sharing personal information to give hackers access to devices.
BEZOS RETAINS CROWN AS WORLD'S RICHEST IN 2019, DESPITE LOSING $38B IN DIVORCE
Sixty percent of Americans say they or a close family member has been a victim or a phishing attack, according to a 2019 report from phishing protection company Retruster. Additionally, there was a 200 percent increase in phishing attacks via social media in 2018, according to Phishlabs.
"Consumers need to recognize that the very value proposition that makes WhatsApp appealing -- privacy and secrecy of messaging -- is what makes it an extremely desirable target for the bad guys and people with bad intentions," Richard Bird, chief customer information officer at software company Ping Identity, told FOX Business. "Secrets are too valuable of an asset for the bad actors not to at least try."
So, if the founder of Amazon can fall victim to phone hacking through social media, how can regular people prevent bad actors from getting access to their phones and personal information? Here are some tips.
Keep your apps up to date
"The first thing is always to make sure your apps are up to date," Vanunu said. "Vendors are always issuing updates. With updates, there are also security backs. It’s very important."
WHAT TYPES OF COMPANIES COULD BE TARGETTED BY AN IRANIAN CYBER ATTACK?
Phone, computer and tablet systems should also be updated on a regular basis.
Be wary of potential phishing messages
If Bezos' hacking story has taught the public anything, it's that people should be cautious when they are opening emails and messages -- especially on social media apps -- that contain links, videos and other content that requires the user to click or open a new tab on a device.
Users should also pay attention to email and general message senders and ask themselves if certain names and addresses are familiar or unrecognizable.
"You can’t tell people not to open videos and messages that are part of the application," Vanunu said. "But they should bear in mind that when they get messages from people they don’t know or groups they don’t trust, they should think twice."
Bird explained that even on an encrypted device or app, bad actors can still get access to sensitive information.
"Secrets are very hard to keep," he said. "Either someone wants them and hunts for them or we slip personally and disclose them. Even with encryption, a secret is still too tempting of a target to someone. WhatsApp is a good encrypted chat platform, but it doesn't change a single thing about the human desire to discover a secret."
Watch out for suspicious-looking calls and texts
Robocalls and scam text messages have unfortunately become the new norm in recent years. Most of these calls and texts are used to scam people into giving out personal information.
Do not pick up phone calls from unrecognizable numbers that look oddly familiar to your own phone number or come from the same area code. Voicemail is always an option for callers who are not scammers. Do not reply to or click on links in text messages that say anything about being the victim of a hacking attempt or being some kind of lucky winner.
Clear your cache
This is a phrase you may hear at work. "Clearing your cache" means regularly deleting browsing history, cookies and other information a device has been trained to immediately recognize when a user opens a particular app or website. This will minimize a user's "virtual footprint," or the amount of data visible to potential hackers.
Download a security app
There are phone security apps for Android and Apple smartphones that many people are unaware of, according to Vanunu.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
"Today on the market, there are some security products you can use that very few people know about and use," he said.
It is crucial, however, that users do their research before downloading and signing up for an app since apps themselves can have vulnerabilities that give bad actors access to personal information.
A Whatsapp App logo behind a Samsung Galaxy S4 phone that is logged on to Facebook in the central Bosnian town of Zenica, Feb. 20, 2014. (REUTERS/Dado Ruvic)
"Consumers need to ask themselves an important question for every app that they use," Bird said. "'Do I trust the solution more than I trust myself when it comes to my safety?' Don't assume the standard security settings in an app as 'safe'; if automatic downloads had been disabled in this case, it appears that this hack could have been avoided."
Understand the threat
Sometimes there is nothing that will stop a bad actor from accessing sensitive information on a device or through an app.
"There is a big public market for cyber-offensive vulnerabilities weapons. There are big offensive companies all over the world paying [millions] for these kinds of vulnerabilities," Vanunu explained.
"The reality of it is that these kinds of vulnerabilities that target Whatsapp and other apps are sophisticated. It’s not fair to say you can prevent these. Usually, it’s very hard to prevent it. They are seamless. This is why they are worth a lot of money in the market," he said.
CLICK HERE TO READ MORE ON FOX BUSINESS
Janice Valentine on Hack Access and making Dublin Airport accessible
Janice Valentine. Image: Hack Access
Hack Access founder Janice Valentine discusses her move from banking to running a hackathon – and where she hopes to take the project in the coming years.
Janice Valentine is the founder of Hack Access, an organisation that runs an annual hackathon focusing on how to make cities more accessible and inclusive by removing the barriers that can prevent people from working and living.
The first Hack Access hackathon was held in Dublin in November 2016. Now, as the hackathon enters its fourth year, the next event will focus specifically on developing solutions and sharing ideas on how to make Dublin Airport more innovative and accessible for everyone.
We spoke to Valentine about what drove her to make cities more accessible, the work that Hack Access has done so far, and where the organisation hopes to take its work in the coming years.
‘Anybody who has held a hackathon knows that the big challenge is keeping the momentum in the aftermath’– JANICE VALENTINE
The move from banking to hackathons
The story of Hack Access began five years ago, when Valentine was working in banking in London.
“I was coming out of a really tough period of my life – my brother had passed away, lots of things had gone wrong and I had been working in an industry that I felt was so vapid,” she told Siliconrepublic.com.
“I started to really look at what I was doing and how I was working and I saw so many injustices. At home, we had the collapse in the economy, while I was working in an area where people were incredibly wealthy, in a bubble, and had no idea of what problems were.”
When Valentine came home to Ireland, she saw that there were many societal and environmental problems impacting communities. It was then that she decided she wanted to do something about it.
“I had this desire to focus the attention of technologists and people who have the skills to do really amazing things and solve really big problems. When I was at my first Startup Weekend and figuring out exactly what I wanted to do, I had the idea and thought of my brother.
“I thought, this is something that he would have loved. All of the energy on stage, how smart everyone was and the things that they were creating. I wanted to harness all of this energy, or connect people with disabilities to it because I understood from my brother, who had muscular dystrophy, that technology was such an enabler.”
Valentine wondered what types of problems the people she met at Dublin’s Startup Weekend could solve with technology. After two years of planning and building her network, Hack Access held its first hackathon.
‘We have proven that there was an appetite’
The first hackathon was supported by Smart Dublin, which is an initiative that aims to position Dublin as a world leader in the development of new urban solutions, using open data, and with the city region as a test bed. This organisation has identified numerous mobility, environment, energy, waste and emergency management challenges that need to be solved.
A group of people brainstorming at a past hackathon. Image: Hack Access
Valentine said that by working with Smart Dublin, she got a good understanding of the concept of smart cities. “I realised there’s an incredible opportunity here to use IoT and the whole smart city programme for the benefit of accessibility.”
Last year, Dublin City Council also got on board with Hack Access. “We have proven that there was an appetite to get involved and to solve accessibility challenges, which is great,” Valentine said. “People with disabilities have been super supportive and they really see the value, in terms of creating a positive, action-oriented approach.
“It can be a very negative topic and for very good reason. People can get entrenched or bogged down in the negativity. It can be very problems-focused, rather than solutions-focused. I wanted to try and create something that gave us all an opportunity to do something ourselves and to try and take control.”
Ideas and solutions
When asked about the concepts developed in the last three hackathons, Valentine said that the participants never failed to impress. “One team that I really liked – Bump ’n’ Be it was a simple solution, but it had opportunities to scale into a more technical thing. It came out of the experience of a gentleman who was blind, talking about his experience just crossing the road.
“What happens very often is that when you’re halfway across the road, the beeper on the traffic light goes off, which can be very disorientating. You wouldn’t necessarily think about what that’s like, to be disorientated in the middle of the road, if you weren’t visually impaired, but that can be a huge cause of stress and anxiety.”
To solve this problem, one of the hackathon teams created a solution that consists of a series of bumps made from composite PVC. “You just pop them on the road at strategic places, such as intersections, and when the beeper goes off, if you’re in the middle of the road, you’re guided to cross the rest of the way with these bumps,” Valentine added.
“The next level to this would be to put in sensors to understand how many people cross here, to create data on this specific challenge. It’s nice to take a long-term view and think about how we can make better decisions on our cities. If we have more data on specific areas and specific challenges, we can actually apply the learnings from those solutions into newly built areas.”
Going beyond a hackathon
After three years running the hackathon, Valentine began to wonder what else Hack Access could do or where it could potentially go.
“We didn’t want to just have a hackathon where people come up with amazing solutions and have a great experience, but we wanted to implement those solutions. That’s the big challenge. Anybody who has held a hackathon knows that the big challenge is keeping the momentum in the aftermath.”
She realised that more funding was needed to implement the ideas conceived at the hackathon. “We needed partners that wouldn’t just see Hack Access as something that’s great for the city, but something that could really solve their challenges.
“It’s a full-time job to find out who those partners are and cultivate those relationships with them. It has also been difficult due to the lack of data and how data is rarely shared between the public and private sector. When there’s no information, how are we going to drill into those ideas and solutions and make them viable?”
A Hack Access team working with their mentor. Image: Hack Access
Valentine began to wonder whether to keep the hackathon running as it was, or whether to seek partners and make Hack Access a viable business.
“Hack Access is now going beyond a hackathon,” she said. “It’s trying to set itself up as a platform to facilitate that cross-sector, multi-disciplinary collaboration forum so that we can actually create these partnerships to implement our solutions.”
Working to improve Dublin Airport
In the end, Valentine got involved with Dublin Airport, which will support the winning team of this year’s hackathon, helping them to develop their ideas and put them to use.
In the coming years, Valentine hopes to take the project to other cities in Ireland and beyond, to give others the tools, methodology and framework to make public spaces more accessible.
She said that an airport is an excellent place to start this kind of work. “An airport is a microcosm of a city, there’s carparks, services, public bathrooms, roads passing through.
“We’re looking at what kinds of solutions can also be applied in a city scenario. In terms of Dublin Airport and how they’re going to engage, we’re using a kind of start-up approach to this, by running a validation session with Dublin Airport.
“We’ve got a group of people of diverse abilities who will meet in Talent Garden, and Dublin Airport will present what it would like to achieve. These people will give their input and their specific lived experiences of using the airport, and from that we’ll pick out key priorities and key challenges for this year’s hackathon.”
By doing this, Hack Access hopes to solve some of its main aims, which include making Dublin Airport a better place to travel through for people with various physical and sensory abilities, and increasing awareness of the different services Dublin Airport offers to those with diverse abilities.
What to expect at this year’s hackathon
This year’s hackathon will look at methods to improve way-finding at the airport to ensure people of diverse abilities can travel through the airport without any stress or anxiety, as well as ways to improve facilities at the gate for passengers with diverse abilities.
While there is a focus on Dublin Airport, Hack Access is also calling on attendees of the hackathon to identify any required improvements in Dublin, with regards to on-street disabled parking spaces and how to make locating on-street disabled parking spaces a more seamless experience.
This year’s Hack Access will take place from 21 February until 23 February at Google’s offices on Barrow St in Dublin.
Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.
Savvy shopping hack that earns you money towards your holiday
Everyone likes to shop and go on holiday and now you can get rewarded for shopping and earn money towards your trip.
The shopping hack from British Airways encourages customers to head to their Avios e-store to earn crucial points that can be converted into airmiles on their flights.
Multiple retailers have teamed up with BA offering exclusive deals to customers who purchase items through the online store earning them thousands of points in return.
Read More Related Articles Read More Related Articles
To be eligible you must sign up as a member of the British Airways Executive Club so you can make the most out of the travel rewards.
More than 1,000 brands are part of the store including shopping channels like M&S, ASOS, and Net-a-porter, big-ticket brands like Apple UK, Mulberry and Gucci, and travel sites like Trainline, Hotels.com and Hilton.
Get rewards for your shopping habits through British Airways Avios store (Image: Getty)
Experts explained that being a frequent flyer wasn't the way to achieve more airmiles instead using your shopping habits to earn you more.
They also recommend being savvy with the points you accrue and not use them up on several short-haul flights, instead carefully planning trips that are more far-flung.
For example your regular takeaway from JustEat with an average spend of £21 per fortnight can earn you more than 1,000 points, with every £1 spent equalling 2 points.
Read More Related Articles Read More Related Articles
Upgrading your home broadband to Sky you could earn 4,500 points, and many other brands currently have triple points in special deals.
You can get £10 off a BA flight for 1,250 points, fly to Berlin from 9,000 points per person for a return or indulge in afternoon tea in London for 7,800 points.
ASOS are one of the brands you can earn Avios points by shopping through BA e-store (Image: Instagram)
There's also a chance to earn a huge chunk of Avios points by signing up for the American Express Premium Plus credit card.
If you recommend a partner for the card you can also double your earning potential and accrue another chunk of points, the only caveat is to make sure you pay off your monthly bill or face interest charges.
You will be rewarded 25,000 British Airways Avios after spending £3,000 in the first three months.
No comments:
Post a Comment