Agents from the Federal Bureau of Investigation (FBI) recently informed Capitol Hill staff about strengthening the security of their mobile devices, following an incident where a contacts list taken from the personal phone of White House Chief of Staff Susie Wiles was allegedly used to generate a series of deceptive text messages and calls pretending to be her to U.S. lawmakers. However, in a letter this week to the FBI, one of the Senate’s most tech-savvy politicians claims that federal recommendations lack sufficient depth regarding enhanced security measures that are readily available on most commercial mobile devices.

On May 29, The Wall Street Journal reported that federal entities were probing a secret attempt to impersonate Ms. Wiles through text messages and calls, which may have employed AI to mimic her voice. Per The Journal, Wiles informed her contacts that her cellphone directory had been breached, granting the impersonator access to the private phone numbers of several of the nation’s most prominent figures.

The implementation of this phishing and impersonation scheme — regardless of its intended objectives — hinted that the attackers were financially driven, lacking in sophistication.

“Lawmakers recognized the requests as dubious when the impersonator began soliciting questions about Trump that Wiles would typically know—and in one instance, when the impersonator requested a money transfer, some recipients remarked,” the Journal noted. “In numerous situations, the impersonator’s language was flawed and the communications were more formal than Wiles usually interacts, according to individuals who received the messages. The calls and texts also did not originate from Wiles’s actual number.”

Advanced or not, the impersonation effort was soon highlighted by the homicide of Minnesota House of Representatives Speaker Emerita Melissa Hortman and her spouse, along with the wounding of Minnesota State Senator John Hoffman and his wife. Hence, when FBI agents offered to update U.S. Senate staff on mobile threats in mid-June, over 140 staff members accepted the invitation (notably high considering no refreshments were provided at the session).

However, according to Sen. Ron Wyden (D-Ore.), the guidance the FBI shared with Senate staffers was predominantly limited to remedial advice, like avoiding suspicious links or attachments, steering clear of public Wi-Fi networks, deactivating Bluetooth, maintaining current phone software, and rebooting their devices frequently.

“This is inadequate to safeguard Senate personnel and other high-value individuals against foreign spies employing sophisticated cyber tools,” Wyden articulated in a letter sent today to FBI Director Kash Patel. “Wealthy foreign intelligence organizations do not need to depend on phishing schemes and harmful attachments to infect gullible victims with spyware. Cyber mercenary firms market advanced ‘zero-click’ capabilities to governmental clients to deliver spyware that do not necessitate any action from the target.”

Wyden emphasized that to counteract sophisticated threats, the FBI should be prompting lawmakers and their teams to activate anti-spyware defenses integrated into Apple’s iOS and Google’s Android software.

These defenses include Apple’s Lockdown Mode, tailor-made for individuals fearing they may be subjected to targeted assaults. Lockdown Mode limits non-essential iOS functionalities to minimize the device’s overall vulnerability. Google Android devices offer a comparable feature known as Advanced Protection Mode.

Wyden also called on the FBI to enhance its training materials to recommend a variety of other actions individuals can take to decrease the traceability of their mobile devices, including utilizing ad blockers to shield against nefarious advertisements, disabling ad tracking IDs within mobile devices, and opting out of commercial data brokers (the individual charged in the Minnesota shootings apparently utilized various people-search services to locate the home addresses of his targets).

The senator’s correspondence notes that while the FBI has promoted all the aforementioned precautions in various advisories over the years, the guidance the agency is currently providing to the nation’s leaders must be more thorough, applicable, and pressing.

“Despite the severity of the threat, the FBI has not yet delivered effective defensive recommendations,” Wyden remarked.

Nicholas Weaver is a researcher associated with the International Computer Science Institute, a nonprofit based in Berkeley, California. Weaver asserted that Lockdown Mode or Advanced Protection will address numerous vulnerabilities, and should be set as the default option for all members of Congress and their staff.

“Lawmakers are at extraordinary risk and need exceptional protection,” Weaver stated. “Their computers should be tightly secured and well managed, and the same applies to staff.”

Weaver pointed out that Apple’s Lockdown Mode has demonstrated effectiveness in blocking zero-day threats on iOS applications; in September 2023, Citizen Lab documented how Lockdown Mode thwarted a zero-click vulnerability that could install spyware on iOS devices without any user interaction.

Earlier this month, Citizen Lab investigators documented a zero-click breach used to infect the iOS devices of two journalists with Paragon’s Graphite spyware. The vulnerability could be exploited merely by sending the target a tainted media file via iMessage. Apple also recently updated its advisory regarding the zero-click flaw (CVE-2025-43200), indicating that it was successfully mitigated in iOS 18.3.1, released in February 2025.

Apple has not responded regarding whether CVE-2025-43200 could be exploited on devices using Lockdown Mode. However, HelpNetSecurity noted that when Apple addressed CVE-2025-43200 back in February, it also fixed another issue flagged by Citizen Lab researcher Bill Marczak: CVE-2025-24200, which Apple stated was involved in an extraordinarily sophisticated physical assault against specific targeted individuals, enabling attackers to disable USB Restricted Mode on a locked device.

In effect, the flaw could potentially only be exploited if the assailant had physical access to the targeted vulnerable device. And as the old cybersecurity adage states, if an opponent possesses physical access to your device, it’s most likely not your device anymore.

I cannot speak about Google’s Advanced Protection Mode personally, as I do not utilize Google or Android devices. However, I have had Apple’s Lockdown Mode activated on all my Apple devices since it was first released in September 2022. I can only recall one instance where one of my applications malfunctioned with Lockdown Mode activated, and in that situation, I could create a temporary exception for that application in Lockdown Mode’s settings.

My primary complaint with Lockdown Mode was articulated in a March 2025 column by TechCrunch’s Lorenzo Francheschi-Bicchierai, who discussed its tendency to frequently send puzzling notifications that someone has been barred from reaching you, despite nothing stopping you from contacting that person directly. This has occurred to me on at least two occasions, and in both instances, the individual in question was already a verified contact, and claimed they hadn’t attempted to make contact.

While it would be advantageous if Apple’s Lockdown Mode issued fewer, less alarming, and more informative notifications, the occasional perplexing warning message is hardly sufficient to compel me to disable it.