Signal is the encrypted messaging app of choice for Washington officials from the CIA to Capitol Hill who are looking to dodge Russian hackers and Chinese cyberattackers.
The app encodes communications, messages and calls, in transit to prevent interception. Most every CIA officer now uses the app, according to CIA Director John Ratcliffe.
Russian-linked hackers are suspected of trying to compromise Signal’s tool for linking multiple devices to a single account and China’s Typhoon hackers are focused on penetrating the American telecom sector to get inside victims’ phones.
Amid intense scrutiny over the alleged inadvertent disclosure of a private Signal conversation featuring top Trump administration officials to a journalist, Mr. Ratcliffe shared new details about how American spies have adopted the platform with lawmakers.
“One of the first things that happened when I was confirmed as CIA director was Signal was loaded onto my computer at the CIA,” Mr. Ratcliffe told the Senate Select Committee on Intelligence. “As it is for most CIA officers.”
He said on Tuesday that the Trump administration had approved national security officials’ use of Signal for communication and coordination, so long as any decisions were recorded through formal channels.
Signal users can choose to use disappearing messages that delete the content of their communications after a set timeframe, imperiling officials’ compliance with record-keeping rules depending on a conversation’s settings.
Mr. Ratcliffe was sworn in for duty at the CIA on Jan. 23, arriving three days after the departure of preceding CIA Director William Burns, and he began using Signal at the CIA soon thereafter.
New revelations about Moscow’s efforts to peer inside the app emerged in February, when Google said it “observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services.”
“While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia’s re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war,” Google’s Dan Black wrote on the company’s blog in February.
The Russian attackers sought access to victims’ accounts via Signal’s “linked devices” feature that enables people to use the platform on multiple devices at the same time, such as a computer and a phone, according to Google.
Google said it worked with Signal to investigate the Russian cyber activity and that the latest updates in Apple and Google’s app stores contained features designed to guard against similar attacks in the future.
Signal previously said in January that it made a “simple change” to allow users to sync old messages onto newly linked devices. The company said in a blog post the process for transferring the messages to newly linked devices was also “end-to-end encrypted and private.”
End-to-end encryption does not block the prying eyes of foreign hackers already residing on a device, however.
Cybersecurity professionals have said China’s Typhoon hacking groups breached much of America’s telecommunications sector last year, including AT&T and Verizon.
While Signal appeared unaffected, hackers may have still victimized its users’ devices.
Signal President Meredith Whittaker said at the SXSW conference earlier this month that the hackers hitting the telecom sector had gained troves of data on many people including “every non-Signal text,” names, phone numbers, phone calls, and location data.
“Now imagine that in just the D.C.-area: That’s when does your asset begin walking into an adversarial intelligence agency?” she said. “Who’s going into your embassy?”
Senators have concerns too. Last year, Sen. Lindsey Graham said the FBI took possession of his phone after he received a message from someone appearing to be Sen. Charles E. Schumer, New York Democrat. Other lawmakers reportedly received similar messages.
Sen. Josh Hawley, Missouri Republican, expressed concern in November that the Chinese hacking of the telecom sector may enable cyberattackers to impersonate others and trick unwitting victims. Mr. Hawley’s office said at the time that he was not asking about any specific incident.
As concerns about the security of their conversations have mounted, however, lawmakers have turned to Signal.
For example, Sen. Michael Bennet, Colorado Democrat, said Tuesday he used Signal in response to a question from Mr. Ratcliffe, during a fiery exchange about how to protect sensitive communications.
The app is poised to remain a mainstay for people seeking privacy because of its high-quality cryptography and its open refusal to let governments build backdoors into its services.
“If various governments call me up and say, ’You got to put a backdoor,’ I say no,” Ms. Whittaker said at SXSW.
