Sensitive data, eavesdropping, hacking: Securing phones for heads of state


In the category - Security

Translation of the Lefigaro.fr article published on 11th June 2018 (source article)

The President of the United States is not using a secure phone. Phone security is however a key issue for leaders. Le Figaro takes a look at the risks and the actions implemented to avoid them.

Donald Trump is not particularly concerned with protecting his smartphone. Until 2017, he was using a Samsung Galaxy S3, which is no longer updated since 2015. At the end of May, Politico reported that the billionaire refused to comply with the inspection protocol for his iPhones. He owns two: one for Twitter, one for phone calls. This decision of the US Head of State raises the important issue of protecting of communications of heads of states and governments. What solutions are considered to avoid the risks of eavesdropping and hacking?

Because of their status, heads of state are exchanging confidential information. Simple conversations can have diplomatic, economic and political consequences. If data were to leak or hackers were to gain control of a leader’s phone, the impact would be dramatic. “Today, we mostly use phones that are created either by American or Chinese firms. Even if the operators are French, we cannot know exactly what the providers of telephone solutions actually do with the phones they produce”, indicates the staff of Mounir Mahjoubi, Secretary of State for Digital Affairs, interviewed by Le Figaro. “We cannot afford any ambiguities in this area especially considering the exchanges at the State level.”

Use ultra-secure devices lack usability

End-to-end encryption of communications is a requirement for heads of states. Manufacturers have developed very secure devices, but somewhat outdated as to their usability. For example, in the United States, Boeing developed the Boeing Black, a touchscreen smartphone that can “self-destruct” if there is a problem.

In France, Thalès has released, not without a hint of humor, the Teorem, a secure clamshell phone. The Directorate General of Armaments (DGA, the French Government Defense procurement and technology agency) placed an order for 14,140 phones. The device is capable, among other things, to connect to the Rimbaud telephony and fax secure network which has no less than 4,500 subscribers from all government departments. Between 2006 and 2017, Jacques Chirac, Nicolas Sarkozy and François Hollande used this retro style device in addition to their personal phone.

Securing consumer smartphones

Securing consumer devices seems to be the preferred solution for presidents and leaders. Barack Obama, for example, managed to get a Blackberry with additional SecurVoice software. Unfortunately, once the Blackberry was outdated, it took years for him to be able to switch to an iPhone or an Android device. “I was given the phone and told, ‘Mr. President, for security reasons, you cannot take pictures, you cannot text, the phone does not work, you cannot put music on it…’”, said Barack Obama on the set of the Tonight Show“It looked like a phone for a three year old…”

It is also the solution chosen by Emmanuel Macron upon arrival at the Élysée. He received from Orange Cyber Defense a Samsung Galaxy S7 Edge equipped with the CryptoSmart technology developed by Ercom, in partnership with Samsung’s Research & Development Lab. “All government departments are equipped with secure phones and an encryption solution. The Ercom solution is certified by the National Agency for the Security of Information Systems (ANSSI)”, adds Mounir Mahjoubi’s staff.

No photo sharing or thrilling games of Candy Crush Saga on the horizon… the President’s phone only allows secure communications. Voice and SMS communications are encrypted end-to-end using a single encryption key. In case of loss or theft, a special chip inserted in the device can delete data remotely.

Implementing security protocols

“There is absolutely nothing Confidential Defense or Secret Defense that is exchanged by mobile phone.”

Office of Mounir Mahjoubi, Secretary of State for Digital Affairs

An encrypted messaging system developed by the government is also being tested with thirty officials of the Secretary of State for Digital Affairs. The project aims to replace the use of Telegram and WhatsApp, respectively Russian and American applications, by representatives and ministers. The new government messaging system is expected to be launched during the summer and “did not cost anything because it uses open source coding: internal developers spent a few hours here and there to complement it.”

“We meet with the General Directorate for Internal Security regularly to ensure our mobile phones have not been penetrated”, comment Mounir Mahjoubi’s staff. In addition, Internal Security services require “extremely elevated security measures when we [the head of state, the ministers and their cabinet – Ed.] visit certain countries. We are sometimes asked not to take our phones and instead bring with us a very secure solution provided by the State. Regimes like China and Israel, for example, have a very strict censorship and control policy on telecommunications.

If consumer smartphones are favored by leaders, their use is prohibited for the most sensitive cases. “For topics that are really considered Secret Defense or Confidential Defense, there is absolutely nothing that goes through the mobile phones of ministers or cabinets”, adds Mounir Mahjoubi’s staff. “For that, we continue to use landline phones, extremely advanced security solutions and internal networks.”