Signal Gate is Ongoing

It may seem that “Signal gate” is moving to the back burner. Probably not. Politico reported on April 2, 2025, that there were over 20 chats set up to coordinate official work and communications for issues including Ukraine, China, Gaza, Middle East, Africa, and Europe. Signal is advertised and used everyday for private messaging when you are looking for privacy, end-to-end encryption, and secure file sharing. Many businesses use Signal as a part of their everyday business for calls and texts.

In December 2024, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) highlighted that a hacker linked to the Chinese government, notably Salt Typhoon, was infiltrating major U.S. telecommunications companies. These breaches were aimed at stealing user data, including call records and text messages. 

We here at Cyber Knowledge Partners (CKP) use Signal to chat amongst ourselves. The key to our use is it is for business not national security.  Like every cyber tool you must use the appropriate tool in the appropriate environment to address the security you are seeking.

In February 2025, the National Security Agency (NSA) issued a bulletin warning about Signal’s vulnerabilities. The advisory highlighted that Russian hacking groups were employing phishing scams to access encrypted conversations, effectively bypassing Signal’s end-to-end encryption.  These scams were also leveraging Signal’s “linked devices” feature. Attackers use malicious QR codes embedded in phishing pages or concealed within group invite links to gain unauthorized access. Once access is obtained, they can add their own devices as linked devices, allowing them to monitor every message in real time. We have seen these phishing attempts first hand. Many of you who use Signal may have also been “phished”.

China also routinely participates in activities that suggest they are targeting communication-oriented app software vulnerabilities.  Although Signal does employ robust encryption protocols, the security of its communications can be compromised if the underlying telecommunications networks are infiltrated. For instance, if a device is compromised through sophisticated malware or spyware, encrypted messages could be accessed before encryption or after decryption. It is imperative to use these apps with eyes wide open and never assume you are safe.

Is Signal a good choice to use for sensitive information or high-level communications?  The Pentagon released a department-wide advisory cautioning against using Signal, even for unclassified information. The advisory emphasized that third-party messaging apps like Signal are not approved for processing or storing non-public unclassified information. What are your companies’ views and policies on the use of these apps?

We think it is imperative to use these incidents as teaching opportunities. Routinely revisit your employees use of technology for sensitive communications.  Signal may not always be the best tool every time for every type of text and communication. Make discussions with your teams a no-fault zone to understand how they are using the tools. Take time to discuss proper use of the tools and mitigate the risks where you can.