Nowadays (almost) every employee has a smartphone in their pocket. But have you ever thought about who could potentially have access to the information on your smartphone? More and more governments worldwide are warning against the use of certain apps, such as TikTok. For example, after an earlier ban on TikTok, the government has banned nine more apps for government officials.

The scenario: Spyware on Smartphone by foreign app

In your organization it is not unusual for employees to have one smartphone that is used for both private and work purposes, including some employees of a BSL-3 laboratory. These employees work together on research involving a high-risk pathogen. For a good transfer during the holiday period, employees send a few messages and photos to inform each other about the progress and the storage location. A few days later, one of these employees notices that his smartphone is increasingly slow, shows unexpected advertisements or pop-ups, and has new toolbars, search engines, and Internet home pages that he does not remember installing. It looks like there is spyware on the phone.

Risks and Action Perspective

If you work in an organization with a biological laboratory, the knowledge in your organization, e.g. about high-risk pathogens, may also be of interest to others and you may be a target for someone who tries to gain access through you or your equipment. to this information. Digital espionage is the easiest form of espionage. Especially with apps made by countries such as China, Russia, Iran and North Korea, it is possible that espionage takes place from governments. Contact lists, the location of users and photos and documents on a device, among other things, could be of interest to intelligence services. If you are unsure whether installing an app will give third parties access to information on your phone, read the terms of use carefully before accepting them. Also make sure that you always install new updates directly on your phone. If you suspect that your smartphone may have been hacked or you have questions about foreign apps on your smartphone, please contact your IT department as soon as possible. It is also good to check whether there is a guideline in your organization about which apps can be used safely and which (confidential) work information may be shared via apps.

Sharing Your Scenario

If you would like to discuss how to handle this scenario with the Biosecurity Office or if you have encountered a biosecurity scenario that you would like to share with colleagues in the field, please feel free to contact us. The Biosecurity Office can be reached at [ignore]biosecurity@rivm.nl[/ignore].