KARACHI: In light of fresh claims of Pakistani officials being targeted with a hacking software involving an Israeli spyware company, the Pakistan Telecommunication Authority (PTA) has sought details of the compromised users from the social media company.
In a report published on Thursday, The Guardian claimed that the mobile phones of at least two dozen Pakistani government officials were allegedly targeted earlier this year with technology owned by the Israeli spyware company NSO Group.
According to the report, scores of Pakistani senior defence and intelligence officials were among those who could have been compromised.
The PTA said it had asked WhatsApp to provide details of the remedial measures taken to prevent the occurrence of such hacking attempts in future.
“The public is advised to upgrade the WhatsApp application to latest version and keep the device operating system up to date in order to avoid such incidents. Affected individuals are requested to contact PTA at firstname.lastname@example.org,” it said in a statement released late on Friday.
Mobile phones of two dozen Pakistani officials reportedly targeted
In October, WhatsApp filed a lawsuit against the NSO Group for building and selling a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users between April 29 and May 10 this year.
The malware would allow NSO’s clients — said to be governments and intelligence organisations — to secretly spy on a phone’s owner.
“WhatsApp cares deeply about the privacy and security of our users. Once we discovered the spyware issue, we quickly added new protections to our systems and issued an update to WhatsApp to help keep people safe. I also want to reiterate the spyware relied on vulnerabilities within the operating systems that power our mobile phones,” a company spokesperson told Dawn.
“We are committed to doing all we can,” the official added.
When asked to specify details of the users targeted, neither Citizen Lab nor WhatsApp identified the targets by name. “We are declining to comment on additional countries at this time. We are focused on our litigation ahead and expect we will provide more information as the case proceeds,” WhatsApp told Dawn.
Efforts by the govt
In a confidential letter issued by the federal Ministry of Information Technology in November, government officials were advised to not use WhatsApp for official correspondence.
The ministry also advised the government officials to discard all mobile phones purchased before May 10 this year.
Reports of the government working on developing an alternative to WhatsApp to be used for sensitive government data and other classified information also surfaced last month.
When asked if the communication system was being developed in response to the revelations, an official of the National IT Board told Dawn that the development of the project had no connection with the hack. The NITB also said they had no knowledge to confirm users were targeted in Pakistan.
“When it comes to whether or not the Pakistani government is taking this breach seriously, it seems as though it is. Although there was no public statement on the matter, a notice regarding use of WhatsApp was leaked on the internet. Hopefully protocols for digital safety are institutionalised and implemented,” Nighat Dad of the Digital Rights Foundation said while speaking to Dawn.
Published in Dawn, December 21st, 2019