As cyber threats grow more sophisticated, U.S. officials are sounding the alarm about the risks of unencrypted text messaging and phone calls. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are urging Americans to prioritize encrypted communication to protect sensitive information from increasingly advanced cyberattacks.
The Problem with Cross-Platform Messaging
Apple’s recent adoption of the RCS (Rich Communication Services) standard has brought hope for better interoperability between iPhones and Android devices. However, there’s a significant security gap—cross-platform messaging lacks the strong end-to-end encryption that is vital for protecting private conversations.
While messages exchanged between users of the same platform—iPhone to iPhone or Android to Android—are encrypted, communication between different systems remains vulnerable. This flaw has led the FBI and CISA to recommend encrypted messaging apps for all forms of communication, especially given the growing threat from cyber attackers, including state-sponsored groups.
Cyber Espionage and the Need for Encryption
The urgency of the situation is tied to ongoing cyberattacks targeting U.S. infrastructure. The Chinese hacking group Salt Typhoon has reportedly infiltrated critical U.S. networks, putting national security at risk. These attacks underscore the importance of secure communication, as sensitive data could be intercepted by adversaries.
Jeff Greene from CISA emphasized that encrypted communication offers the best defense against such attacks. He, along with an unnamed senior FBI official, stressed that Americans must adopt secure communication practices to safeguard their information.
The warning was reinforced in a joint advisory issued by the FBI, CISA, and the NSA, urging the public to take action and secure their networks. “Encryption is essential, whether it’s for text messages or voice calls,” Greene noted.
The Role of End-to-End Encryption
End-to-end encryption ensures that only the sender and the recipient can read the content of a message, making it nearly impossible for anyone else—including hackers—to intercept and decipher it. This kind of security is already available in messaging apps like Apple’s iMessage and Google Messages, but only within their respective ecosystems.
The challenge arises when messages are sent across different platforms, such as from iPhone to Android. While Apple’s embrace of RCS was intended to improve compatibility between systems, the lack of encryption for these cross-platform exchanges remains a significant vulnerability.
Experts stress that encryption should not just cover text messages but extend to voice communication as well. Without this protection, the risk of interception remains high.
Delays in RCS Encryption
Despite promises from Google and the GSMA (the global body overseeing RCS standards) to introduce end-to-end encryption for RCS, there is no set timeline for when this will be implemented. This delay has become more apparent in light of recent security concerns, with Apple’s updates revealing the encryption gap.
Samsung, a major player in the Android market, recently highlighted the growing adoption of RCS but acknowledged that its secure messaging capabilities are currently limited to Android-to-Android communication. Apple has not yet addressed whether it plans to implement full encryption for RCS.
Alternative Secure Messaging Platforms
For those who want secure communication, apps like WhatsApp and Signal are the best options. Both offer end-to-end encryption for text, voice, and video calls across platforms, ensuring that communications remain private.
Signal is often regarded as the most secure of these platforms, though it has a smaller user base compared to WhatsApp. Even Facebook Messenger now offers full encryption for its messages, further diminishing the relevance of unencrypted SMS or RCS messaging.
“Once you step outside Apple’s or Google’s secure environments, the protections can quickly weaken,” experts warn. With so many secure options available, it is becoming increasingly risky to rely on unencrypted messaging systems.