As U.S. telecommunications networks face unprecedented cyberattacks, federal agencies are issuing a stern warning to Americans: avoid sending text messages between iPhones and Android devices and switch to fully encrypted messaging apps like Signal and WhatsApp.
Cybersecurity Threat
The advisory follows a series of cyberattacks attributed to Salt Typhoon, a hacking group linked to China’s Ministry of Public Security. These attacks, described as “ongoing and likely larger in scale than previously understood,” have targeted U.S. telecommunications companies, including major providers like AT&T and Verizon.
Read More: WhatsApp introduces game-changing draft feature for iOS users
According to Jeff Greene from the Cybersecurity and Infrastructure Security Agency (CISA), encryption is critical in safeguarding communications. “Even if adversaries intercept the data, encryption renders it unreadable,” Greene emphasized during a press briefing.
Why Cross-Platform Texts Are Vulnerable
Messages exchanged within ecosystems—such as iMessage for iPhone users or Google Messages for Android users—are encrypted. However, communication between iPhones and Androids lacks end-to-end encryption. The issue stems from the current iteration of Rich Communication Services (RCS), the successor to SMS. While RCS offers enhanced features, its lack of encryption in cross-platform messaging leaves users exposed to cyber threats.
Although Google and Apple have acknowledged this security gap, progress in implementing end-to-end encryption for RCS has been slow. Until the problem is resolved, experts advise avoiding traditional text messaging for sensitive information.
Encrypted Apps as the Best Defense
The FBI and CISA strongly recommend using fully encrypted messaging apps like Signal, WhatsApp, and Facebook Messenger. These platforms provide end-to-end encryption for texts, voice calls, and video calls, ensuring that communication remains private and secure across devices. “Encryption is your friend,” Greene stated. “Whether for text or voice communication, encrypted data is nearly impossible for adversaries to access.”
Apple’s Role and Timing Concerns
Ironically, the warning comes as Apple prepares to release its iOS 18.2 update, which allows users to switch their default messaging app from iMessage to third-party platforms. This move could make it easier for users to adopt encrypted apps for cross-platform communication.
Despite Apple’s endorsement of encryption within its ecosystem, the company has been reluctant to support RCS with end-to-end encryption. Security experts speculate that Apple may only act if it notices a significant shift in users abandoning iMessage for platforms like WhatsApp.
Broader Implications for Cybersecurity
The advisory highlights the growing threat of state-sponsored cyberattacks and the vulnerabilities in critical U.S. infrastructure. A joint alert from the FBI, CISA, NSA, and other Five Eyes intelligence agencies highlighted the need for stricter cybersecurity measures to protect against these attacks.
Read More: WhatsApp’s new chat memory feature for Meta AI
The FBI and CISA’s advice is clear: Americans should prioritize encrypted messaging for all forms of communication, particularly given the current vulnerabilities in RCS. Signal, WhatsApp, and other encrypted platforms are considered the safest choices until encryption becomes a standard feature across all messaging systems.