The US Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on a recent hack by the Chinese Advanced Persistent Threat group called Salt Typhoon, and as it deals with communications methods we all use every day, we should pay attention to it.
The document is called “Mobile Communications Best Practice Guidance” and it is available online here: https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf
The guidance also includes advice specific to iPhone and to Android phones.
The simplest version of the advice is this: if the information is sensitive, don’t use cellular voice or SMS, as they are both unencrypted. You need end-to-end encryption, which you will get with the iPhone iMessage, Meta’s WhatsApp, and Signal.
I strongly urge you to go to the CISA link (above) and read the guidance they provide.
