NCSC urges swift action on WhatsApp breach
Government cybersecurity agency issues guidance telling users to act ‘quickly’
WhatsApp users should update their apps after a security attack that could have allowed hackers to spy on users’ phones, the National Cyber Security Centre has recommended.
With WhatsApp admitting that a small number of accounts have been affected and urging its 1.5 billion users to update their phones, the NCSC warned that “it’s important to apply these updates quickly, to make it as hard as possible for attackers to get in”.
- Amber Rudd: ‘I don’t need to understand encryption to understand it’s helping criminals’
- ‘The prospect of a category-one cyberattack is not receding’
- Message to Amber Rudd: Undermining encryption makes us less safe
WhatsApp uses end-to-end encryption, meaning messages should only be displayed in a legible form on the sender or recipient's device.
But the breach came after hackers were able to remotely install surveillance software on phones and other devices.
The surveillance software would have let an attacker read the messages on the target's device.
The company said: “The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems.”
Annual fraud data shows lost phones, online shopping sprees and some mysterious missing timepieces
Items designed to remind members to be on the lookout for phishing attacks and use a variety of passwords across different accounts
Military to conduct 12-month pilot that aims to engage with people via online events
Department says investigation into leaking of email address has been satisfactorily closed
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right