Tech
NSA Tells iPhone And Android Users: Reboot Your Device Now
Comedy fans may well recognize “have you tried turning it off and on again” from the British sitcom The IT Crowd. But what if the National Security Agency told all smartphone users to do it? And, more to the point, if you follow that advice, will you be safe from malware and spyware in 2024 and beyond?
The NSA Turn It Off And On Again Advice
The NSA’s original warning was published in a mobile device best practices guide in 2020. With smartphones running across all operating system platforms becoming an increasingly popular target for threat actors of all flavors, the NSA said that “many of the features provide convenience and capability but sacrifice security” and attempted to pin down simple steps that even the most non-technical users could take to better protect their devices and the data stored within. Earlier this year, I reported on the NSA advice, and that article has continued to stir a myriad of responses to this day. I’ve had security experts and smartphone users alike thank me for bringing the warning to their attention, and scald me for not going into more detail about what rebooting can’t help protect people from. All of these opinions are valid, of course, and this article is written in the hope of providing more clarification.
Let’s start by saying that I have nothing but praise for the document that the NSA has published; not only is the advice contained sage, but it is presented in such a way as to be clear to all audiences. Taking a pictorial approach, the NSA used an icon-based warning system informing the reader what they should avoid, disable, do and not do. The do’s include using strong PINs and passwords, biometric locks and regular software updates, for example. The do not advice covered rooting or jailbreaking your phone, clicking unknown links or opening unknown attachments, and so on. But it’s the disable icon that piqued my interest most, especially when it came to disabling power by turning the device off and on again on a weekly basis.
The second page of the infographic-heavy advice document took more of a tabular approach to warning smartphone users of things they should be doing regarding threat mitigation. This time, the iconography was divided between sometimes prevents and almost always prevents. When regularly rebooting your smartphone, the recommendation was to use it as it sometimes prevents spear phishing (to install malware) and zero-click exploits. It was never, therefore, a silver bullet solution or a one-size-fits-all security panacea.
Do You Need To Regularly Reboot Your Smartphone In 2024?
The short answer to whether you need to reboot your smartphone every week in 2024 is no. But need is doing a lot of heavy lifting in that question. From a security perspective, rebooting will still remove the threat from non-persistent malware, that is a threat that cannot survive a reboot. I know that’s pretty obvious, but it needs saying. There’s plenty of malware that fits into this category, and not all of it from the least advanced or sophisticated of threat actors.
When spyware was making the headlines for all the right reasons, with nation-states using advanced software such as Pegasus to infect both Android and iPhone devices, reports suggested that it changed from having persistence to relying upon binary payloads being exploited again after a reboot. This reliance on malware in memory, rather than being written to permanent storage, is another way to evade leaving evidence of surveillance during such sophisticated attacks.
“As long as people are regularly updating their devices when fresh operating system versions are released,” Jake Moore, global cybersecurity evangelist with ESET, said, “devices will remain healthy and protected. It is, however, a good idea to reboot your phone on a regular basis but more for battery reasons over security.” Moore is right in saying that a quick reboot can often resolve performance issues and connectivity problems. However, that doesn’t mean that security reasons for rebooting are entirely off the table. “Zero-click malware is a recurring issue for both Apple and Android operating systems” Moore said, “but it is generally identified and addressed quickly. Once detected, a patch is developed, and a new update is released to mitigate the threat.”
There is no definitive answer when it comes to the voracity of the NSA warning and the rebooting recommendation, however, erring on the side of caution is never to be underestimated in my humble opinion. There’s an interesting discussion on Stack Exchange that sums things up rather nicely: the long answer is that it depends on what your handheld did since its last reboot, the short answer being, on average, that rebooting reduces vulnerability. Rebooting has little, if any, downside so why not reboot regularly? I’m siding with the NSA on this one.