WhatsApp hack highlights dangers for business
The communications industry is calling for organisations to stop using consumer-grade, free apps when handling sensitive or commercial information. For people with jobs where security is paramount, for example, journalists, humanitarians, activists or special services working in unfriendly regimes, a phone that has been hacked via an app could put life at risk. For others, the risk of individual’s private information or commercial data being accessed will damage an organisation’s brand integrity and share price. This comes after WhatsApp was recently targeted by cyber criminals.
Daniel Follenfant, Senior Manager Penetration Testing, Consulting Services NTT Security commented, “The hacking of WhatsApp’s messaging service is a classic example of a Buffer overflow attack.
Buffer overflows aren’t new, but you don’t often see them these days and this attack is particularly clever because it uses this flaw to gain access to a phone without the user even answering.
In its simplest form Buffer overflows are a way of writing code to an area of the application in memory that will then be executed. The WhatsApp exploitation resonates the classic but more sophisticated buffer flow attack. To carry this out the attacker had to deceive the receiver by making a call and then send the sending packets of data during the process of the call- once the packers transfer are complete; the packet execution forces what’s app internal buffer to overflow, overwriting the apps security and allows surveillance capability on encrypted chat, eaves drop on calls and microphone and control the camera.
There is nothing you can do about this; it is a design flaw and WhatsApp has quickly addressed the problem by releasing a patch for applications already running and the new versions do not appear to be susceptible.”
David Holman, Director at Armour Comms said; “This latest case of a serious vulnerability in a consumer-grade app highlights the dangers of using free apps, and that they are simply not robust enough for business. While such apps claim that they are secure because they are encrypted, there is so much more to security than just encryption. Encryption is rarely the weakest link, and therefore, unlikely to be targeted by hackers.
“While this particular exploit may have been to target people with specific jobs, there are various other everyday hacks that can be executed relatively easily by low level criminals against these types of product that put users’ data at risk. Breaches of GDPR are a risk to every type of business and come with significant fines.”
In 2018, German automotive supplier Continental AG banned its workers from using the messenger services WhatsApp and Snapchat on company phones, due to concerns about GDPR compliance and general security.
Holman continued; “These free apps proliferate by stealth through organisations, unless firms take positive action, like in the case of Continental AG last year. There are enterprise-grade apps available that provide the same convenient user experience of consumer grade apps, while keeping the user in control of their data and metadata. Some of these apps, like Armour Mobile, have been certified by the National Cyber Security Centre (NCSC), so users can be confident that the software is secure by design.”
Dan Boddington, Systems Engineer, StarLeaf commented “The latest WhatsApp exploit is an extremely severe security hole. Despite instant messaging becoming a growing part of our culture of communication, social platforms are often unwisely used for the businesses. This example clearly demonstrates that there are many organisations aggressively hunting for flaws in consumer applications for commercial gain and for use by third parties. Consumer apps are not designed for business usage. Therefore, it is the responsibility of every employee to only adopt the right solutions to minimise risk and protect users’ data (company & customer). Secure messaging specifically engineered for the enterprise enables a more mobilised workforce to meet and message more effectively, as well as remain data compliant.”
These issues are discussed at length in a recent episode of Comms Business Live where WhatsApp was referred to as a “Time bomb” for businesses.
Industry: Unified communication news
- CONTRACT SOC Manager. London / Birmingham. URGENT Immediate role.
REF7847 Contract SOC Manager. SC cleared, London / Birmingham. Initial 3 month Contract. SOC Manager needed to for an URGENT 3-4 month CONTRACT. SC clearance is essential. The project is to aid in the setup, implementation and management of resources to help with the initial stand up stages of a new SOC within a greenfield site. This is a short term contract role whilst a permanent hire is brought on over the coming 3 to 4 months. Experience engaging with and managing client stakeholder relationships as well as 3rd party relationships is critical. The role will involve; setting up, implementing and fine tuning the various initial stages of a SOC environment. Experience establishing and building out technical process / operational capability, managing of technical teams (analysts, engineers and architects, creation of policy / playbooks, fine turning is key. SPLUNK is the tooling of choice… Interviewing immediately. Set up a call with me today on https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Direct contact details Chris.Holt@dclsearch.com or 07884666351
- SPLUNK Level 3 SOC Consultant, SIEM Splunk, London / Birmingham
REF CH7825 Level 3 SOC Consultant, SIEM Splunk, London / Birmingham £55,000 + Level 3 SOC Consultant, SIEM SPLUNK needed. Security Clearance. Permanent role Level 3 SOC Consultant, SIEM SPLUNK needed to join a public sector client. The ability to achieve SC clearance is essential. MUST have experience working with SPLUNK ideally to an Advanced Power User level. Splunk Enterprise Security (ES) knowledge and hands on experience highly desirable. The role will include, but not be limited to; managing and handling incidents end to end, supporting and mentoring level 1 / level 2 staff, supporting the SOC manager in the delivery of the SOC roadmap, engaging with the client stakeholders (other technical teams) as and where needed, use case development, advanced search and reporting etc. The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt use this calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Chris.Holt@dclsearch.com
- Aspiring Cyber Partner. Business lead, market maker.
Aspiring Cyber Partner (management consultancy) with Cyber specialism into Healthcare, Utilities and or Public Sector. Working with new and existing clients to help them solve, transform or evolve their cyber capabilities. MUST have; A proven management consultancy background in cyber. A history of identifying and closing new business opportunities. Currently Revenue generating / must be able to demonstrate recent wins. Client facing to board level with international businesses. Team leadership / mentoring experience. Extensive cyber industry experience. Digital transformation, Start-up environments etc. Experienced presenter at industry events, to be the public face of a business / capability. Breadth of knowledge across Cyber security. Service definition / creation. Would consider a senior director with experience delivering the above looking to step up. All conversations kept in confidence. To arrange a discreet call book a time to speak in my diary via https://calendly.com/chris-holt/cyber-partner-call Chris.Holt@dclsearch.com
- Internal Security Auditor, Level 1 Service Provider (ISO27001)
- Upto 65,000 plus benefits
Internal Security Auditor ISO 27001, PCI, needed to join a Cyber team within this expanding Fintech business. The Internal Security Auditor will have end to end responsibility for planning, delivering, remediating any findings etc. Experience working within financial services is highly desirable. This Is a great time to join a newly formed and growing Cyber team within a rapidly expanding fintech, that is taking a major share of its market. We are looking for someone with experience, (but not to be limited to) a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling etc. ISO 22301, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. Experience taking a company through accreditation is highly desirable Experience managing internal stakeholders, technical teams and external third parties essential Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection.