WhatsApp for business communication should be aware of these reports.
“Whatsapp scams explode in Hong Kong,” is the headline of April 9, 2019 press report in the South China Morning Post. AsiaOne reported a separate Asian security breach: “Beware: there’s a scam involving hacked whatsapp accounts.” And on May 15, 2019, Reuters reported : “In India election, a $ 14 software tool helps overcome WhatsApp controls.”
And then, on May 13, 2019, the Financial Times reported a major global breach in which WhatsApp attackers exploited a vulnerability in the popular messaging app to inject spyware into phones.
The spyware, developed by an Israeli intelligence firm, “is sent through the app’s voice call function to users’ phones. It could not be picked up, so the calls could disappear from call logs, ” according to one expert. Updating the app’s closes the vulnerability, WhatsApp said.
Here’s why all scandals are breaking out across Asia.
Experts note broad WhatsApp security issues
Facebook-owned WhatsApp is among the most popular social messaging apps in Asia, although it is considered to be stiff competition from local providers like LINE in Japan, the Korean Kakaotalk and the Chinese WeChat, according to one expert .
The popularity of WhatsApp, however, has made it a hit at the office: workers bring their phones to the office with them, and, inevitably, use the app to discuss sensitive workplace topics.
This presents a major security challenge, as security experts give WhatsApp a “Poor” rating for security. It does not protect user IDs and data – in fact, the parent firm Facebook has been known to access this data.
WhatsApp does not use 2-step authentication and user accounts can not be locked down. If a user loses a phone, whoever picks it up gets full access to the WhatsApp account. “The app should have a means to destroy messages,” the expert says.
While messages are encrypted, parallel protection is not used. Richard Dennis, founder of the blockchain firm Temtum, told The Independent . The hacker can access the data pre-encryption and post-decryption. “
A good example of this was revealed in August 2018: “Security researchers at Check Point found vulnerabilities in WhatsApp that they allowed hackers to edit someone’s messages in a group chat, raising fears that could spread fake news. They were also able to use the ‘quote’ feature in a group conversation to change the identity of the sender. “
Yet another issue: WhatsApp messages are backed up to Google Drive and iCloud. The backups are not encrypted, however, and so hacking into your online storage account provides access to all your messaging according to Matthew Green, an assistant professor at the Johns Hopkins Information Security Institute. That’s what happened to Trump campaign chair Paul Manafort when FBI investigators obtained his WhatsApp messages, and that ultimately led to his conviction in court.
Scandals in Asia
So, what happened in Hong Kong? WhatsApp user identities are not protected – hackers stole the identities of users – and then they use them to contact friends and convince them to invest in point cards for online games, which they expect to resell at a profit. The scam cost victims a total of HK2.7 million ($ 340,000).
And, as AsiaOne reported, hackers across Asia are using fake verification codes to take over accounts. WhatsApp itself, according to experts at the International Institute of Cyber Security. So the user believes he / she is setting up a new account, or changing a password, when in fact the account information is being shared with the cyber criminals.
And, in India, where WhatsApp messaging – hate crimes and violence, WhatsApp restricted the forwarding of any message to a total of five people. But a workaround what made and sold for about $ 14, and that’s annoyed India’s recent elections.
WhatsApp does, there’s a workaround, “Rohitash Repswal, a New Delhi-based digital marketing expert who used the hack to send 100,000 messages, told Reuters.
Diligent Messenger provides Asian companies with bulletproof security
No such issues arise when using Diligent Messenger, which is 100 percent secure. Diligent’s Governance Cloud has been intensively upgraded to protect it from all existing security threats, and the diligent experts continue to add new hacker threats evolve. Diligent Messenger has its own security features.
Communicating via email or external apps is easy and convenient, but it puts company information at significant risk. In addition to being error-prone, such tools are insecure and vulnerable to phishing attacks, password hacks, and other potential breaches. Cyber risk oversight is a key priority for governance leaders, yet over 50 per cent of directors and C-suite executives use email to communicate about their organization’s most sensitive topics.
Across industries, directors and executives rely on Diligent’s secure messaging tool to communicate with one another in real time on critical topics. Diligent Messenger can be used to maintain control over confidential communications, distribute documents and files for faster and easier board collaboration, and ensure rapid response during crises. Diligent’s secure messaging tool can be used as a standalone messaging tool as well as a one-stop shop for document sharing and secure communications.
It’s accessible via iOS and Android apps and Web browsers. Diligent Messenger is easy to use across your board sites, with badges, banners, and push notifications alerting you to unread messages or announcements on other sites.
Diligent Messenger features
Using WhatsApp, Skype, WeChat or other traditional public messaging systems creates opportunities for boardroom communication , as it allows messages to remain in an insecure environment. Diligent Messenger enables safe, secure board member communications wherever your board of directors needs to be.
By moving confidential board communications out of personal systems, it is easy to communicate with the right people at the right time. Diligent Messenger seamlessly integrates with diligent boards secure board management software to enable secure messaging and real-time collaboration.
Key Features of Diligent Messenger :
- Bulletproof security
- Log-in authentication
- Options to disable copy / paste and forwarding
- Message lifespan settings
- Ability to recall messages sent in error
- Swift “wiping” capabilities for lost or compromised device
February 9, 2021
Governance Trends Shaping 2021: 4 Priorities to Drive Success
The COVID-19 crisis, new workplace paradigms, extreme climate change, political and economic volatility, and urgent calls for racial justice have driven a shift to virtual operations. This shift, alongside a move to stakeholder-centric capitalism, has elevated “digital resilience” to a core focus among leadership. These principles must now be translated…
September 7, 2020
Avoiding Cyber Confusion in the Board Room
It is imperative that Directors understand the cyber risks facing their companies and organisations. The increasingly complex internal and external landscape presents unique challenges for Boards. Several key steps can however significantly increase the cyber resilience of any company or organisation, irrespective of size. The article outlines five key steps…
August 20, 2020
Minimising the Risk of Virtual Meetings: 5 Practices Boards Should Avoid
Months into the COVID-19 lockdown, remote workers—and board members—have become more accustomed to virtual meetings. They’ve found a quiet place in the house, mastered the mute and camera buttons, and fully styled their background bookcases and “Zoom couture.” Yet as virtual work becomes a way of life, not all adaptive…