According to Cisco, the security measures implemented by Android and iPhone devices are generally sufficient for most users. However, commercial spyware vendors have repeatedly demonstrated the ease with which targets can be compromised. Cisco offers several recommendations for smartphone users but emphasizes that achieving proper protection is challenging.
In recent years, both Apple and Google have released security patches to address actively exploited zero-day vulnerabilities that were used to infect phones with spyware. One prominent vendor in this space is the NSO Group, responsible for the Pegasus spyware. Still, there are numerous other players, such as Intellexa, DSIRF, Variston IT, Paragon Solutions, and QuaDream. Despite increased attention from researchers and civil rights organizations, Cisco notes that the supply of commercial spyware does not seem to be diminishing.
Cisco suggests that little will change until the international community regulates this technology. Although some companies may cease operations when exposed by researchers, they often continue under different names or merge with other entities while sharing their technology. Consequently, smartphone users concerned about commercial spyware have limited options, according to the networking company.
Nevertheless, Cisco provides several recommendations for users. They advise rebooting the phone before engaging with unfamiliar sources or enabling Apple’s lockdown mode. Recently, concerns were raised about iPhone spyware that operates solely in the device’s memory and can be removed by rebooting. However, the phone can be reinfected if the underlying vulnerability remains unpatched. Additionally, Cisco suggests that individuals who frequently interact with the public should consider using a separate, empty phone and avoid accepting private messages from unknown individuals.