British Government Ministers Risk Being Hacked

WhatsApp users have been hit by an urgent warning from technology experts after a potential hacking hazard was identified by a secretive Israeli surveillance firm Paragon Solutions. Paragon have reportedly discovered a method to break into a host of encrypted smartphone apps.

As a consequence, the UK Government Security Group has issued guidance to government ministers following questions being raised about ministers using their personal phones WhatsApp and private email. to conduct official business. 

Prime Minister Boris Johnson’s has also been accused of poor cyber security, after it was revealed last year that he was still using his personal mobile number that was widely available. 

It is understood the guidance was issued in May after high-profile stories about hackers exploiting WhatsApp. “The National Cyber Security Centre (NCSC) and the Government Security Group in the Cabinet Office may also issue guidance in response to specific threats... For example, the Government Security Group recently provided advice on how to secure devices using two-factor authentication in response to hackers using fake messages to access WhatsApp.” UK Cabinet Secretary Simon Case said.

Hackers are known to have targeted Heads of State and other government officials around the world through WhatsApp, with Ministers in Australia, the Netherlands and South Africa having suffered successful attacks on their digital devices 

Police forces in the UK have issued warnings about a widespread fraud  targeting WhatsApp users in which fraudsters control a WhatsApp user’s account and messages one of their contacts under that guise. This is sent at around the same time a text or email is received by that same contact from WhatsApp, which contains a verification code that the hacker has requested by pretending to be them.The scammer explains that they accidentally requested the code to be sent to the contact’s number and ask that they send it over to them.

Apple iPhones can also be compromised and their sensitive data stolen through hacking software that doesn’t require the target to click on a link, according to a report by Amnesty International, who say their researchers have discovered iPhones belonging to journalists and human rights lawyers had been infected with NSO Group’s Pegasus malware that can provide the attacker access to messages, emails and the phone’s microphone and camera.

GuardianDaily Record:     Hitechglitz:    Bollyinside:    Infosecurity Magazine:    Wales Online:   

Businesss Telegraph:    Birmingham Mail:     Image: Unsplash

You Might Also Read: 

WhatsApp Updates Its 'Privacy' Rules:

 

« New Ransomware Variant Discovered
The Taliban's Mastery Of Information Warfare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

HackerStorm

HackerStorm

HackerStorm provides vulnerability research, advisories and tools to help improve the success of your penetration testing.

Certification Magazine

Certification Magazine

Certification Magazine is an IT technical training and certification publication

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Ground Labs

Ground Labs

Ground Labs is a security software company dedicated to making sensitive data discovery products that help organisations prevent sensitive data loss.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

NordForsk

NordForsk

NordForsk facilitates and provides funding for Nordic research cooperation and research infrastructure. Project areas include digitalisation and digital security.

International Federation of Robotics (IFR)

International Federation of Robotics (IFR)

The International Federation of Robotics connects the world of robotics around the globe. Our members come from the robotics industry, industry associations and research & development institutes.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

UnifyID

UnifyID

UnifyID is an identity platform that offers seamless security through implicit authentication.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Taqnia Cyber

Taqnia Cyber

Taqnia Cyber specializes in the fields of cyber security, intelligence, operations, and training. It offers its services and consultations to both public and private sectors.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

DataEndure

DataEndure

DataEndure helps companies build digital resilience so that their critical information assets are protected and available to the right people, at the right time.

Castellum Labs

Castellum Labs

Castellum Labs offer a full range of services from Vulnerability Audits, Configuration Assessment and Red Teaming to fully Managed Detection & Response (MDR).

Nigerian Communications Commission (NCC)

Nigerian Communications Commission (NCC)

NCC has established a CSIRT for the telecommunication industry to provide services and support for the prevention and management of potential cyber security related emergencies.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

Infiot

Infiot

Infiot is a pioneer in enabling secure, reliable access with zero trust security, network optimization, edge-intelligence and AI driven operations for all remote users, devices, sites and cloud.