It is a common notion that instant messaging apps like WhatsApp must implement the strongest possible encryption to prevent user tracking and privacy invasion.
That’s fine from a user’s perspective. However, what if the user is a potential terrorist and law enforcement fails to nab the individual only because of the security restrictions?
This is what happened in a recent incident involving European law enforcement and an alleged ISIS member.
The Wall Street Journal reports that European investigators had managed to install spyware on the mobile phone of a suspected terrorist with links to the so-called Islamic State.
Through the spyware, the investigators were tracking the suspect and were about to locate him but failed because the suspect was warned by WhatsApp.
As a result, the suspect shut off his phone and the investigators were unable to track his whereabouts any further.
Reportedly, on 29 October 2019, the Facebook-owned WhatsApp sent a warning to 1,400 users, including journalists and activists, informing them that their phones had been hacked by a very “advanced cyber actor.” The suspect was among the users who received the warning.
The warning message read:
“An advanced cyber actor exploited our video calling to install malware on user devices. There’s a possibility this phone number was impacted.”
Here’s a full preview of the message sent by WhatsApp:
The investigators revealed that they got spyware from the infamous Israel-based NSO Group to track down the suspect. They learned about the possibility of a terror attack during the holidays and could have arrested him if the phone hadn’t been shut off.
“We only had that one phone; we put all our efforts into using this product to see what he was doing, which mosque he was going to, who was talking to him, whether the group was spread in neighboring countries,” explained the head of the investigation team, but their efforts were rendered ineffective by WhatsApp’s intervention.
The investigators had obtained special permission from an unidentified judge to hack the suspect’s phone using every possible method.
When they identified that the suspect was using WhatsApp’s encrypted messaging to communicate with his aides, they bought spyware to hunt him down.
The Western European country’s government used its contract with the NSO Group to get the spyware it needed.
In its defense, WhatsApp claims that it doesn’t allow any kind of spying, be it from users or government agencies, as it is an illegal approach. The issuance of the warning was necessary to protect its users.
India, WhatsApp’s biggest market with 400 million users, has asked the Facebook-owned (FB.O) company to explain the nature of a privacy breach on its messaging platform that has affected some users, Technology Minister Ravi Shankar Prasad said.
“We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens,” Prasad said in a tweet on Thursday.
The surveillance revelations come after the messaging platform sued Israeli surveillance firm NSO Group on Tuesday, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents including diplomats, political dissidents, journalists and government officials. NSO denied the allegations.
In its lawsuit filed in a federal court in San Francisco, WhatsApp accused NSO of facilitating government hacking sprees in 20 countries, calling it “an unmistakable pattern of abuse.”
The attack, according to WhatsApp, exploited its video calling system in order to send malware to the mobile devices of a number of users. The malware would allow NSO’s clients – said to be governments and intelligence organizations – to secretly spy on a phone’s owner, opening their digital lives up to scrutiny.
People familiar with WhatsApp’s investigation told Reuters that a significant number of Indian civil society figures were put under surveillance using the Israeli spyware.
While the company has not identified anyone by name, users including Indian lawyers, academics, Dalit rights activists and journalists have come forward to say they received warnings from WhatsApp that they were the targets of espionage.
WhatsApp said Indian users were among those contacted by it this week.
WhatsApp declined to comment on Prasad’s tweet, but referred to a previous statement from the company which said it believes people have the fundamental right to privacy and no one else should have access to their private conversations.
Sidhant Sibal, a New Delhi-based journalist, told Reuters the University of Toronto’s Citizen Lab – which investigates digital espionage among other research projects – called him about a month ago, informing him that his WhatsApp account was one of several under surveillance.
He received a text message from WhatsApp this week saying it cared about “your privacy and security”.
“In May we stopped an attack where an advanced cyber actor exploited our video calling to install malware on user devices,” the company said, explaining why it was writing to Sibal and other affected users like him.
“There’s a possibility this phone number was impacted, and we want to make sure you know how to keep your mobile phone secure,” he said.
Citizen Lab in a post on its website dated Oct. 29 said it was helping WhatsApp investigate the incident and would continue to contact affected individuals to help protect their security.
Last year the Indian government began pushing the Cupertino, California-based company to trace the origin of some messages, saying the platform was being used to spread misinformation.
WhatsApp has always maintained it will not take such steps, which would require it to weaken encryption and other privacy protections.
Globally, the platform is used by some 1.5 billion people monthly and has often touted a high level of security, including end-to-end encrypted messages that cannot be deciphered by WhatsApp or other third parties.