WhatsApp hit by cyber attack
Global messenger service WhatsApp have discovered a system vulnerability that has allowed hackers to remotely inject spyware into the user’s phone through the app’s phone call function.
The spyware was developed by the Israeli cyber intelligence company NSO Group, according to the Financial Times, which first reported the vulnerability.
Attackers could transmit the malicious code to a target’s device by calling the user and infecting the call whether or not the recipient answered the call. Logs of the incoming calls were often erased, according to the report.
WhatsApp said that the vulnerability was discovered this month, and that the company quickly addressed the problem within its own infrastructure.
WhatsApp promotes itself as a "secure" communications app because messages are end-to-end encrypted, meaning they should only be displayed in a legible form on the sender or recipient's device. However, the surveillance software would have let an attacker read the messages on the target's device. WhatsApp have urged users to update their apps as an added precaution.
Awareness of the threat of cyber-attacks is increasing, with almost 72% of respondents acknowledging the risk of cyber threats is high*. The report also shows that the implantation of GDPR in 2018 has had a positive effect on increasing attention to cyber threats.
With global cybercrime damages predicted to grow it’s important for all businesses to have steps in place to avoid breaches. At G&M International our Cyber Insurance can provide financial reimbursement, as well as a 24 hour 365 day helpline (also known as Breach Response) which gives businesses access to forensic accountants and lawyers, data recovery experts, PR companies and a whole host of professionals who can help in the mitigation of losses and the recovery of systems.
For more information about our Cyber Insurance or to discuss your cyber needs call us on +44 (0) 207 977 1490.
* Source: gov.uk