Keep Calm and Update Whatsapp
By MYBRANDBOOK
WHAT HAS HAPPENED, and WHY IS IT A BIG DEAL?
NSO group, a secretive Israeli company has been marketing a vulnerability called a ‘Zero Click Zero Day’ vulnerability in Whatsapp for about a year to surveillance agencies and governments. This type of vulnerability is one where the maker of the app itself, in this case, Whatsapp itself was not aware that a vulnerability existed, and so a Zero Day. ‘Zero Click’ because the targeted user does not need to click on anything, or open anything, it happens silently in the background.
STATEMENT FROM OUR SUBJECT MATTER EXPERT: Ankush Johar, Director at HumanFirewall, an award-winning security awareness and end-to-end remediation platform that transforms human behaviour.
“This type of vulnerability is lethal, because ‘Zero Click Zero Day’ type vulnerabilities mean that the attacker is able to infect your phone without you taking any action whatsoever. Just a phone call on WhatsApp and your phone gets infected. It is that lethal.”
“It is yet unclear whether this infection can spread from WhatsApp to the entire device yet, but Whatsapp data itself including calls and messages definitely are. Also, it is not known yet if updating to the latest build removes the infection from an already infected device.”
“It is a big deal because such vulnerabilities are extremely dangerous and can hurt free speech activists, lawyers, critical agencies’ employees, journalists, human rights defenders among others. They think that their conversations are encrypted end-to-end and cannot be intercepted, but with this vulnerability, they can!”
WHY KEEP CALM?
Such vulnerabilities carry multi-million dollar price tags, and unless your conversations are meant to be ultra confidential, and you are involved in handling highly sensitive matters, you are unlikely to have been targeted. This does not mean that you have not been targeted.
For users handling sensitive matters, we recommend that you do a fresh install of Whatsapp, and start afresh, i.e no reloading of backed up data. The infection may get reloaded from the backup data as well.
“The only solution from a consumer perspective lies in becoming suspicious by nature and be always vigilant of such mishaps. Diligently following some good practices mentioned below can always help you safeguard and be in a much secure place” says Ankush Johar, Director at HumanFirewall, an information security platform aimed at altering one’s psychology through simulated attacks and effective training.
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
SAMRIDDHI AUTOMATIONS PVT. LTD.
TP-LINK INDIA PVT LTD.
POLYCAB INDIA PVT. LTD.
SECUREYE SERVICES PVT. LTD.
Technology Icons Of India 2023: Amit Chadha
. An influential leader in the engineering services industry for over ...
Technology Icons Of India 2023: Shailender Kumar
Shailender Kumar is senior vice president and regional managing direct...
Technology Icons Of India 2023: Lt Gen (Dr.) Rajesh Pant (Retd.)
LT Gen(Dr.) Rajesh Panth (Retd.), National cyber security coordination...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country
IndianOil, a diversified, integrated energy major with presence in alm...
CERT-IN protecting the cyber security space of India
CERT-In serves in the area of cyber security threats like hacking and ...
ADITYA INFOTECH LTD.
Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...
EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.
Exclusive Networks is a globally trusted cybersecurity specialist hel...
ACCERON INFOSOL PVT. LTD.
It is a leading value added distributor in the IT security space and h...