How Safe Is It To Use WhatsApp?

The prevalence of various messaging apps all over the world only struck me when I went abroad for the first time. While meeting new people at hostels around Western Europe, I very quickly learned that WhatsApp, a popular messaging app used worldwide, was the way to connect with people. Around 1.5 billion people across 180 countries communicate through WhatsApp. Whether I was in Germany or France, people frequently asked for my WhatsApp first, and never my phone number. I experienced the same thing in Japan when I made a Line account to chat with new friends. I never once thought about the security of these messaging apps. Yet, as a well-established trade-off that comes with the convenience of technology, there are always uncertainties regarding how well these messaging apps safeguard users’ data. 

In May 2019, news stories began circulating about a security breach through WhatsApp, later determined to have affected about 1400 users worldwide. WhatsApp put out an update soon after, patching up the loophole in its operating system that allowed such an attack. 

However, this update came too late for some of the affected users. In November the Facebook-owned company announced plans to sue NSO Group, an Israeli based company allegedly responsible for creating the spyware. 

NSO Group sells cybersecurity products, such as Pegasus, to both Middle Eastern and western intelligence agencies for the purpose of countering terrorism and fighting crime. They currently allege that NSO Group used WhatsApp servers to target various people including government officials, diplomats, political activists, and journalists, 121 of whom were reportedly Indian. 

Hackers used weak spots in the WhatsApp system to infect the virus, named Pegasus, into IOS, Android, and BlackBerry operating systems. It only took a phone call; one that whether answered or not could still infect a phone’s operating system. Afterward, the phone call could be promptly erased from the call history. Once Pegasus affected a phone, hackers could use it to remotely access information such as call logs, messages, emails, as well as turn on a phone’s microphone and camera. 

According to the plea made by WhatsApp, NSO Group allegedly breached the contract terms of service by using the system without authorization and in a manner that harmed WhatsApp, its users, and services. The company denied these allegations and denied that it helped Israeli government agents by using Pegasus.

At this time, the exact culprits remain unknown. 

For everyday users, the question arises that whether WhatsApp adequately protects their data and information or is it vulnerable to more of such security breaches. Would deleting the app and switching to a different one mean better data protection? Not necessarily, according to some experts who told BBC that there is no reason to believe any other app would prove “any less safe” in a similar situation.

Given our growing reliance on technology and messaging apps, we need to be cognizant of the possibility of these types of attacks that can hack any one of our apps to infect devices. As people continue to sync their lives into their devices, these problems become more important to address. What steps can be taken to ensure cybersecurity when applications and software grow in sophistication, especially given their prominent use in everyday society?

Data breaches have occurred in a variety of settings; from stores like Target to banks such as Capital One. For individuals, several tips can help better protect information. 

Never leave devices unattended, utilize complex passwords, practice safe-clicking techniques on websites and links, and back up anti-virus software can all be helpful precautions to take. Though when attacks come through trusted apps, it can be difficult not to throw our hands up in exasperation. Much of it comes down to keeping our systems and apps updated while being aware that security is never entirely full-proof.