The WhatsApp Security Breach: What You Need to Know

All posts

This month messaging service WhatsApp pushed a significant security patch to each of its 1.5 billion users worldwide.

The patch was in response to a security loophole that permitted attackers to remotely install spyware without the target becoming aware.  To exploit the loophole, attackers only needed to call the target on WhatsApp to transmit malicious code, regardless of whether the user answered the call or not.

The security flaw is particularly notable because WhatsApp is widely recognized for its security and privacy. Messages on its platform are encrypted end-to-end to prevent WhatsApp and third parties from reading or listening to them.

WhatsApp confirmed its discovery of the vulnerability in a statement. The company also urged users to update their apps as soon as they can.

Who was responsible?

While WhatsApp didn’t name a perpetrator in its official statement, it noted that "the attack has all the hallmarks of a private company that reportedly works with governments to deliver spyware that takes over the functions of mobile phone operating systems."

That private company is widely believed to be NSO Group, an Israeli cybersecurity firm that specializes in surveillance tools. The firm licenses its technology to government agencies to help them fight crime and terrorism, though it claims to not have any control over how those agencies ultimately use its technology. NSO counts dozens of countries as customers, including Saudi Arabia, Mexico, Bahrain, and the UAE.

NSO Group’s flagship product is Pegasus, a piece of malware designed to track a user's cellphone after a single click on a link in a fake text message. After the link is clicked, data stored on the phone—including messages, phone calls, and even location data—become accessible, allowing NSO's clients to see where someone is, who they are talking to, and the content of their conversations.

What should you do?

WhatsApp says it has fixed the vulnerability and that only a “select” group of users were actually affected. Still, the company’s official statement encouraged users to update to the latest version of the WhatsApp app "out of an abundance of caution." The company said it has also contacted US law enforcement.

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” the company said.

What could WhatsApp have done?

Messaging apps like WhatsApp are prime targets for cybercriminals. In fact, the platform’s reputation for security makes it particularly attractive to those who would be interested in finding and using the sensitive information that users exchange through the app.

For any organization—messaging apps or otherwise—the best plan is to prepare for a data breach as if it’s going to happen. Putting controls in place, preparing breach response plans, automating processes, and keeping key personnel up-to-date before a breach occurs are monumental undertakings. LogicGate’s Audit and Controls Management software can help you stay on top of the checks-and-balances that keep your company on the right track and out of the headlines. Our automated system will help you manage your company’s compliance standards, significantly reducing the risk of breaches and reputational damage.


For more on Risk Management, check out LogicGate's Webinar below on Critical Actions to Survive a Data Breach in 2019 & Beyond.

Download Webinar



All posts

Related Posts

View all posts