The WhatsApp hack was possible because cyber warfare is a lawless land
ThePrint Essential

The WhatsApp hack was possible because cyber warfare is a lawless land

WhatsApp was hacked by a software developed by Israeli firm NSO, which is a small part of the unregulated environment of hackers, developers & sovereign govts.

   
The Facebook Inc. WhatsApp application is displayed in the App Store on an Apple Inc

WhatsApp application displayed in the App Store. | Photo: Andrew Harrer | Bloomberg

New Delhi: Last week, exploiting a security loophole in the Facebook-owned messenger service WhatsApp, hackers injected a spyware into several mobile phones. While the identity of the hackers is still unknown, it is known that an Israeli company, the NSO Group, developed the spyware.

The hackers succeeded in installing the spyware on both Android and iPhones by making WhatsApp calls to the users. The spyware was transmitted even if the call wasn’t received. In several cases, the call disappeared from the logs soon after.

It took WhatsApp until Monday, 13 May, to acknowledge the hack. It issued an advisory, asking its 1.5 billion users to immediately update the app.

But this is hardly the first instance of a multinational firm being targeted by a cyber attack. ThePrint looks at the world of cyber warfare, which features various state-sponsored hackers, developers such as NSO, and sovereign governments who operate in a completely unregulated environment.


Also read: Nazi propaganda isn’t dead, it now happens on WhatsApp


NSO, a billion-dollar developer

NSO is an Israeli technology firm which focuses on cyber security. Originally founded by Israeli general Avigdor ben-Gal, the firm has maintained very close ties with the Israeli government and its security forces.

It has been reported that before the NSO can sign a contract with a foreign government, the deal has to be approved by the Israeli government. Thus, NSO has often acted as a diplomatic and cyber surveillance tool of the government.

It was bought over by American private equity firm Francisco Partners in 2014, but has continued to retain its close ties with the Israeli government. On 14 February 2019, when the founders reacquired NSO from Francisco, it was valued at $1 billion.

NSO developed a spyware, Pegasus, over a decade ago. Over the years, it has been updated and developed into three different versions, one of which was used to infiltrate WhatsApp last week.

According to a report in the Financial Times: “Within minutes of the missed call, the phone starts revealing its encrypted content, mirrored on a computer screen halfway across the world. It then transmits back the most intimate details such as private messages or location, and even turns on the camera and microphone to live-stream meetings.”

This highly effective modus operandi has allowed NSO to sell its software as “zero clicks technology”.

NSO claims that it has sold Pegasus to dozens of governments, which use it to prevent terrorist attacks, infiltrate drug cartels, and perform other security functions. But the reality seems to be darker than claimed by NSO.


Also readWhatsApp reports software glitch after hack attack, urges users to update app


Dark side of Pegasus 

Researchers at the University of Toronto’s Citizen Lab have been shadowing Pegasus since 2017. They claim that over 40 countries, including Bahrain, the UAE, Saudi Arabia and Morocco, have used the software.

There are currently two on-going lawsuits against NSO, in Israel and in Cyprus. According to these cases, governments have allegedly used Pegasus to track dissidents, journalists, and human rights activists.

Details have emerged on NSO’s dealings with the Saudi and Mexican governments, which present a bleak image of how governments plan to use this spyware.

A businessman told Financial Times in 2017 that the Saudi government had paid NSO $55 million for ‘Pegasus 3’, which would allow it to track 150 targets simultaneously.

The lawsuit in Israel revealed that the Mexican government paid NSO $32 million in 2014 for ‘Pegasus 2’. This spyware included a feature called Enhanced Social Engineering Message, which would allow the government to send text messages to users, customised to their social media profiles. Once the user clicks on it, the spyware would be automatically transmitted.

NSO claims that it has a robust internal vetting process, and has rejected business worth $150 million over the past three years. But its critics call this vetting process a sham. They point to NSO’s dealings with countries like Saudi Arabia, which have a history of human rights violations.

The big picture: An unregulated cyberspace

The number of cyber attacks has surged dramatically over the past few years. The US and its allies accuse China of using state-sponsored hackers to target their companies and conducting cyber theft.

A 2015 agreement between the US and China had reduced these attacks for a brief while, but they have again resumed.

Last year, the US Department of Justice issued indictments for several hacking-related incidents, including cases against a dozen Chinese companies and individuals. But most of the indicted individuals continue to live in China, and the American efforts to get them deported have had no impact.

The nub of the problem seems to be the complete absence of any ground rules governing cyber behaviour, such as restrictions on developing capabilities. Unlike nuclear warfare, which features the logic of ‘mutually assured destruction’, there have been no doctrines agreed upon for cyber warfare.


Also read: Here’s what WhatsApp can do to prevent targeted attacks on public figures