Apple’s Trusted-Boot-Routine “iBoot” leaked on GitHub

iPhone 11: Seven steps to secure your device

Let’s be honest: No matter if you are an iPhone user already or plan on buying a new iPhone 11; looks (and features) aren’t everything. It’s very important to know that these devices can be vulnerable to cyberattacks and therefore your online privacy and security can be in great danger. Yes, even with an iPhone!

A recent report from Google revealed a malware attack on iPhone users that lasted two years and affected most operating system versions between iOS 10 and iOS 12. The attack targeted the Uyghur Muslims and there are sources mentioning that China’s government is the main actor behind this attack.

The Google Project Zero’s team discovered a collection of hacked websites that delivered malware to their visitors. The number of ‘victims’ remains unknown but according to the report, only “simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.“

The attackers had access to encrypted WhatsApp messages, iMessage texts, and Telegram messages but also to location data and other private information of the iPhone users. Apple managed to fix the vulnerability in February when they released iOS 12.1.4.

This however is not the first time this year that iPhone users are the victims of a malware attack. In May Whatsapp rolled out a security fix after an Israeli cybersecurity and intelligence company developed surveillance software and installed it on iPhones by using their call function.

How to secure your new iPhone 11?

When it comes to security, iOS has been known as a very secure operating system, but the most recent attacks seem to prove that nothing is bullet proofed. Because of the increasing number of iOS exploits Zerodium, a company that buys previously unreported zero-day exploits, now reduced their reward for a zero-click attack on iPhones to $500,000 while a zero-click hacking technique that fully takes over an Android device is rewarded with $2,500,000.

But fear not – there a couple of things that you can do to make sure your device is secured. So, go ahead, buy that new iPhone 11 and follow these 7 simple steps afterwards:

1. Keep your device updated

It sounds as easy as it is: To protect your iPhone from unwanted attacks just make sure that it’s up to date. Make sure to use the most recent operating system because updates are often specifically designed to close loopholes that hackers have found a way to exploit, such as bugs, vulnerabilities, and zero-days. Google normally releases security patches quite regularly, as does Apple with its “minor updates” for iOS. The real value of these updates is in their potential to protect your device more effectively – so make sure to patch your mobile as soon as one of them is available.

2. Use public Wi-Fi networks with care

Entering a public WiFi doesn’t come without its risk. To minimize them as much as possible a good VPN is a valuable tool. It lets you communicate securely on those insecure public networks (e.g. airport, coffee shop, etc.) and allows you to pick your own GEO-IP, opening up content regardless of where you might actually be.

3. Use fingerprint login

Long gone are the days where you needed to enter your username and pin to access your mobile. All you need to do now is putting your finger on your phone’s sensor or scan your face (Face ID on iPhone X for example) to enter it. “And its not only easier but – at least to some degree – more secure”, says Alexander Vukcevic, Director of Protection Labs & QA at Avira.

4. Create strong passwords

Weak passwords are one of the top reasons for breached accounts so make sure to always use strong and varied passwords for all of your online services. Also remember to change your passwords regularly. If you feel like that’s too much work, you might consider using a password manager that does all the hard work for you.

5. Download only official apps

Another simple way for hackers to gain access to smartphones is to modify the code of certain well-known apps and hide their own malignant strings. There’s only one way to minimize this risk of infection, and that is to only download applications hosted by the original stores and avoid all other sources. Also, a security app to do this for you would be more than helpful.

6. Get a hold of your privacy settings

Most of the apps you have installed on your phone will ask for your location and/or access to your camera and microphone. For some of this apps, this makes totally sense but others are just using this for advertising purpose or even worse, to deliver spyware. Have a closer look and go to Settings > Privacy. iPhones also have an option to limit ad tracking so you might want to make sure it’s turned on. To do so go to Settings > Privacy > Advertising.

7. Create backups

Another important step is to make regular backups. Doing so means that you still have access to your information – at least to some degree – even if your smartphone goes missing. Apple conveniently offers iCloud which basically makes a 1:1 backup of your iPhone which then can be transferred to a new phone. There is a very detailed explanation available on its Support pages when it comes to how to configure automatic backups, so feel free to take a look.

 

These seven easy steps should help protecting you and your devices. Easy right? So go on – watch the Apple Keynote, buy the new iPhone 11, and enjoy all it as to offer – securely.

This post is also available in: German

Avira logo

New! Discover Avira's free privacy and security app for iOS