Many users of Facebook's WhatsApp communications software scrambled to update the program on Tuesday in response to news of a flaw that allowed spyware to be installed on Android and iOS mobile phones.
"This new attack is very worrying and shows how even the most trusted mobile applications and platforms can be vulnerable," says Mike Campin, Design Manager at Wandera, a mobile security provider in San Francisco.
"Although this attack is based on previously identified use of Pegasus, the fact that it has been repackaged into a form that can be delivered through a simple WhatsApp call has shocked many," he continued.
WhatsApp, which is used by 1.5 billion people worldwide, is not usually used as an official communications application by companies, Campin said, but it is widely used internationally on both employees' personal devices and corporate devices.
That may be problematic for organizations, he said, because once an attacker has carried out this new attack, he has access to all the information on the phone and visibility of it.
Quick action
WhatsApp on Monday urged users to fix the software as soon as possible to avoid possible infections. "WhatsApp encourages people to update the application to the latest version and keep the mobile operating system up to date, to protect against any targeted recovery actions designed to compromise the information stored on mobile devices," the company said in a statement.
The affected versions of the program are:
WhatsApp for Android before v2.19.134
WhatsApp Business for Android before v2.19.44
WhatsApp for iOS before v2.19.51
WhatsApp Business for iOS before v2.19.51
WhatsApp for Windows Phone before v2.18.348
WhatsApp for Tizen before v2.18.15
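An added example (not from the article or from WhatsApp): a Python check that audits a device inventory against the first fixed versions listed above. The CSV columns and sample rows are constructed for illustration; versions are compared number by number because a plain string comparison would rank 2.19.98 above 2.19.134.

```python
import csv
import io

# First fixed version per product, copied from the affected-versions list above.
FIXED = {
    "WhatsApp for Android": "2.19.134",
    "WhatsApp Business for Android": "2.19.44",
    "WhatsApp for iOS": "2.19.51",
    "WhatsApp Business for iOS": "2.19.51",
    "WhatsApp for Windows Phone": "2.18.348",
    "WhatsApp for Tizen": "2.18.15",
}

def parse_version(text):
    """Turn 'v2.19.134' into (2, 19, 134); raise ValueError if not numeric."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))

def classify(product, version):
    """Return 'vulnerable', 'patched' or 'review' for one inventory row."""
    fixed = FIXED.get((product or "").strip())
    if fixed is None:
        return "review"  # product is not in the list above
    try:
        installed = parse_version(version or "")
    except ValueError:
        return "review"  # empty or non-numeric version string
    # Tuples compare number by number, so (2, 19, 98) < (2, 19, 134).
    # As strings, "2.19.98" sorts after "2.19.134" and would look patched.
    return "vulnerable" if installed < parse_version(fixed) else "patched"

def audit(inventory_csv):
    """Map each device in a CSV inventory export to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["device"]: classify(r["product"], r["version"]) for r in rows}

# Constructed sample inventory (hypothetical device names and column layout).
SAMPLE = """device,product,version
phone-01,WhatsApp for Android,2.19.98
phone-02,WhatsApp for Android,2.19.134
phone-03,WhatsApp for iOS,v2.19.51
phone-04,WhatsApp Business for Android,2.19.9
phone-05,WhatsApp for Tizen,2.18.x
phone-06,Other Messenger,4.39.4
"""

if __name__ == "__main__":
    for device, status in audit(SAMPLE).items():
        print(f"{device}: {status}")
```

Rows marked `review` are products outside the list or version strings that could not be parsed, so they need a manual look rather than a silent pass.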
Once aware of the vulnerability, the company acted relatively quickly to provide a patch. It patched the application's infrastructure in 10 days and released a secure version of the program last Friday. It also informed law enforcement authorities in the United States and the United Kingdom.
"It seems that they have acted quickly to fix the vulnerability and reported it to the public and government," said Joseph A. Turner, security manager at Proventus Cybersecurity, a computer and network security company in Aliso Viejo, California.
This agile response can benefit both WhatsApp and its parent, Facebook.
"That's what WhatsApp dealt with this vulnerability, and because it seems that an external attacker is on Facebook or WhatsApp is currently not fingers," Turner told TechNewsWorld.
"However, we see that users move to other communications applications for privacy," he added.
Scary development
By exploiting the WhatsApp flaw, an attacker can add malicious code to a phone simply by placing a WhatsApp call, even if the call is missed. The attack should be of particular concern to iPhone users, said Rusty Carter, vice president of product management at Arxan Technologies, a San Francisco application security company.
"The Apple ecosystem has this reputation for security and for sandboxing applications so one doesn't bother another," he told TechNewsWorld.
"This event blows it apart," Carter continued, "because there is a vulnerability in one application that allows someone to install software that affects the entire device and the software installed on it. This is a scary development."
Human Rights Expert Targeted
The digital footprint of the malicious code is similar to that of the spyware marketed by the NSO Group, an Israeli manufacturer of military hacking tools. One of the spyware's targets, according to a New York Times report, was a London lawyer who has been involved in several legal proceedings involving NSO. The complaints accuse the NSO Group of providing tools to hack Omar Abdulaziz, a Saudi dissident in Canada; a Qatari citizen; and a number of Mexican journalists and activists.
"NSO technology has been licensed to authorized government agencies to combat crime and terrorism alone," the company said in a statement.
"The company does not use the system, and after a rigorous licensing and audit process, intelligence and law enforcement authorities determine how technology is used to support their public security trips," it continued.
"We investigate credible allegations of abuse and, if necessary, take action, such as closing the system," the company maintained. "Under no circumstances will the NSO participate in the operation or identification of technology objects exclusively operated by intelligence agencies and law enforcement agencies."
"The NSO did not or could not use its own technology to target any personal organization."
Better control of dangerous weapons
The WhatsApp hack is an example of military cyber weapons getting into the "wild" and being used by criminals, just like the WannaCry attack on the UK public health system two years ago, said Mark Skilton, Professor of Business Communications at CWC, Warwick, UK. "It's a reminder of how much we rely on these social media platforms to protect privacy," he said. "In this case, we may not recognize this attack to install spyware on our message, such as a phishing e-mail message, until it's too late."
Systems can never be 100% safe, he said, but at the end of the day, large public platforms such as Facebook, Google and Twitter should be more responsible for managing their platforms.
"We need systems that they use to test continuously, but there is a greater problem with proper management of these weapons," Skilton said.
"Businesses such as NSO, who have developed spyware programs for WhatsApp, have a duty to prevent them from getting in the wrong hands and using targets like Amnesty International and NHS that can have devastating consequences for vulnerable people," he continued.
"These new cyber arms have to be classified as very dangerous in the wrong hands and treated as such," Skilton added.
Move to Block Export License
Meanwhile, on Monday, Amnesty International moved to stop the export of military cyber weapons at the source through an action brought before the District Court of Tel Aviv to cancel NSO's export license. In its complaint, Amnesty claims that one of its employees was attacked with NSO software.
"The NSO Group sells its products to governments known for their grave human rights violations, providing them with tools to monitor activists and critics," said Danna Ingleton, deputy director of Amnesty Tech.
"Amnesty International's attack was the last straw," she said.
The Israeli Ministry of Defense has ignored the evidence linking the NSO and human rights defenders, Ingleton said.
"As long as products like Pegasus are marketed without proper supervision and control, the rights and security of Amnesty International staff and other activists, journalists and dissidents are at risk," she added.
The lawsuit is supported by Amnesty International as part of a joint project with the Department of Human Rights and the Global Judicial Clinic of Bernstein University of Law, New York University.
"Human rights law says that targeting human rights defenders for their work with invasive digital surveillance tools is not allowed," said Margaret Satterthwaite, head of the Institute's Faculty.
"Without stronger legal scrutiny, the spyware industry will allow governments to move to privacy, freedom of opinion and expression," she added. "The Israeli government must revoke the NSO export license and stop benefiting from state-sponsored repression."