fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Android Users can Now Disable 2G to Block Stingray Attacks

Android Users can Now Disable 2G to Block Stingray Attacks

Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators.

The addition of the option was spotted by EFF (Electronic Frontier Foundation), which calls the development a victory for privacy protection.

Caught by “stingrays”

A cell-site simulator, also known as “stingray” or IMSI Catcher, is a device that masquerades as a cell tower, forcing cell phones in their range to connect to it.

Also Read: 4 easy guides to data breach assessment

This connection enables the operators of these Stingrays to perform man-in-the-middle attacks and intercept sensitive personal information such as: 

  • Device IMSI (international mobile subscriber identity)
  • Call metadata like dialed number and duration
  • SMS and voice call content
  • Data usage and web browsing history
Stingray intercepting people communications
Stingray intercepting people communications
Source: EFF

Unfortunately, this method of data interception has been repeatedly and indiscriminately deployed by law enforcement authorities during peaceful protests in otherwise democratic countries where strict data protection laws apply.

Moreover, documented cases of private deployment of “stingrays” have also been abundant in recent years, so the abuse of communication network vulnerabilities is widespread.

Most of these vulnerabilities have been addressed in 4G, but the simulated base stations have a way to downgrade nearby device connections to 2G, essentially laying the ground for exploiting old flaws.

Having a way to prevent this on the user end is a significant development, and while stopping 2G connections isn’t dealing with the entire spectrum of security problems, it certainly is a good start.

Disabling 2G on Android

While Google has given Android users the option not to allow 2G cellular connections on their device, the setting is turned on by default.

If you want to turn it off, you can go to ‘Settings → Network & Internet → SIMs → Allow 2G’. Depending on your device maker and the Android skin used, the path to access that setting may be different.

Also Read: 7 Client Data Protection Tips to Keep Customers Safe

Android option to disable 2G
Android option to disable 2G
Source: EFF

Note that this setting has only been made available on Android 12 for now. Bleeping Computer has tested Android 11 and Android 10, but the option is not yet available.

We have asked Google to clarify if there’s a hardware requirement too for this new option to work, and they told us that the modem needs to support the 1.6 Radio HAL, which is available only on newer devices.

Also, it’s important to clarify that 2G remains active as a backup for emergency calls no matter what position the toggle is set to, so there’s no way to disable it completely.

Finally, Apple hasn’t given iPhone users a choice to lock their devices to 4G/5G connectivity only, but now that Google has taken that step, it’s likely the competition follows.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us