The Jeff Bezos phone hack proves anyone can fall victim to cybersecurity attacks. But here’s what security experts say you can do to reduce the risk.

  • Amazon CEO Jeff Bezos’ phone was reportedly hacked by Saudi Crown Prince Mohammed bin Salman, according to a forensic investigation first reported by The Guardian.
  • The attack occurred after Bezos received a malicious WhatsApp file from an account linked to the crown prince, which resulted in large amounts of data being transferred from his device, according to the investigation.
  • Reports indicate that Bezos was the victim of a targeted attack. But there are measures that both high-profile figures like Bezos and the average smartphone user can take to mitigate the risk of a hack.
  • Such steps could involve using a burner phone when traveling, and making sure your phone is consistently up to date with the latest software and security patches, experts say.

Saudi Crown Prince Mohammed bin Salman reportedly hacked Amazon CEO Jeff Bezos’ phone in 2018, an infiltration that is said to have resulted in large amounts of data being covertly stolen from the tech executive’s phone over the course of months.

The incident was revealed in a forensic investigation conducted by FTI Consulting that was first reported by The Guardian earlier this week. The United Nations has since called on the United States and other relevant authorities to conduct an investigation. The Saudi government denied the allegations against it and called them “absurd.”

While reports suggest the Bezos hack was a specific and targeted attack, security experts say that the critical amount of sensitive data stored on today’s smartphones means mobile devices will continue to be high-value targets for state-sponsored attackers and black market hackers alike. It also illustrates that anyone, even prominent CEOs with vast resources, can be vulnerable to cybersecurity threats.

“It’s ultimately a fact of life at this point,” Paul Lipman, CEO of cybersecurity firm BullGuard, said to Business Insider. “As more of what we do relies on technology, [devices] become a target.”

Although it may be impossible to completely prevent and detect some cyber attacks before they occur, there are certain measures that both high-profile figures like Bezos and average smartphone users can take to mitigate the risks, experts say. The first thing people need to do to protect themselves is understand how they might be vulnerable to attacks.

The data theft that affected the Amazon CEO is said to have occurred after Bezos received a video file through the popular Facebook-owned messaging app WhatsApp from the Saudi crown prince’s account. The file was sent with an encrypted downloader, according to the technical report from FTI Consulting, which Vice’s Motherboard published on Wednesday.

Bezos’ phone reportedly began leaking data within hours of the encrypted downloader being received, and it continued to do so for months, FTI Consulting’s report said. In its statement calling for an investigation, the United Nations said that spyware tools believed to have previously been used by Saudi officials, such as the NSO Group’s Pegasus-3 malware, may have been used to execute the attack.

Malware attacks can generally be difficult to prevent because, in some cases, the target doesn’t even need to click on a link or download a file to become infected.

A previous vulnerability in WhatsApp, for example, made it possible to inject spy software on a user’s smartphone simply by calling them, even if the victim didn’t answer. That exploitation was carried out using software from NSO Group, as the Financial Times reported.

What’s more, once malware infiltrates your phone and begins leaking data, there’s a slim chance you’ll be able to find it. Malicious actors employ a range of techniques to mask data extraction, such as sending emails from the infected phone and then deleting them afterwards, or trickling out small pieces of information over a long period of time, according to Lipman.

“Malware wants to remain under the radar,” said Etay Maor, chief security officer at Intsights. “And usually once it’s in, it’s extremely hard to identify that something is wrong.”

That’s why Bogdan Botezatu, director of threat research and reporting at cybersecurity firm Trend Micro, suggests that high-profile targets like Bezos use two phones: one with no valuable personal information stored on it for browsing social media and using apps like WhatsApp, and a separate highly-secure phone with limited access to the Internet and apps for storing sensitive information.

Maor similarly suggests leaving your primary mobile device in a secure location when traveling and bringing a burner phone instead to mitigate the risk of an attack.

“There’s no such thing as ‘this device cannot be hacked,'” Maor said. “And we’ve seen this over and over again. So at the end of the day, it’s a game of risk management.”

Such measures may be practical and worthwhile for public-facing figures like Bezos, one of the world’s richest men who runs one of the world’s most valuable companies and owns The Washington Post. But most people will probably be able to adequately protect themselves by following best practices when it comes to digital security, like keeping software up to date, avoiding downloading files from unknown sources, and only installing apps and programs from official app stores managed by Apple and Google.

“The reality is that these kinds of attacks are highly targeted, not attacks that the average person is going to fall prey to,” Lipman said. “And the reality is that anyone can be hacked, with enough time, motivation, and resources.”