The SIM card is the user identification module of a mobile communication system and stores user identity information and encryption keys. Previously exposed cases show that attackers can remotely obtain a user's location, steal text messages and even make phone calls by sending special text messages that activate the SIM card's built-in browser. The attack requires no physical contact with the device; it only exploits an unpatched vulnerability in SIM card software to control more than 1 billion mobile phones worldwide.
• Use system-level "zero-click" attacks to "silently activate" devices. The closed nature of smart terminal systems was once synonymous with security. However, there are cases in which a company in a certain country deliberately provided a backdoor to that country's intelligence agency so that spyware could be implanted on the company's smartphones, and thousands of smartphones infected with malware have been found, including those of government staff from many countries. Attackers can exploit vulnerabilities in the instant messaging service built into a smartphone operating system to take direct control of the phone without any user interaction.
• Use "poisoned" mobile phone software to "sneak into the city" and steal secrets. Pre-installed software on mobile phones may contain secret-stealing channels. Previously exposed cases show that a certain operator illegally collected sensitive data such as user text messages and call records by pre-installing network diagnostic software on mobile phones. In 2015, foreign media revealed that the intelligence departments of the "Five Eyes Alliance" jointly launched the "Angry Corner" plan, which hijacked the download links of some representative app stores and swapped the applications that users downloaded or updated for versions implanted with spyware, unknowingly turning hundreds of millions of users into sources of data leaks.
• Exploit "forced downgrade" at the mobile network layer to steal secrets. Mobile operator networks carry out the exchange of critical information. By hijacking backbone networks, forging base station signals, and infiltrating the operator's intranet, attackers can implant secret-stealing channels in every link of the signal "generation-transmission-reception" chain. Attackers inject malicious code into 4G/5G signals and work with clusters of fake base stations to force mobile phones to downgrade to 2G networks, then use the unencrypted communications to steal sensitive data.
Everyone works together to build a solid line of defense for smart devices
Faced with the invisible "dark web" of secret theft through smart devices, we can effectively prevent and resolve the risks of secret theft and leakage from smart terminals by building a full-dimensional line of security covering hardware, systems, data, and the ecosystem.