Whatsapp ‘Hack’ Is Serious Rights Violation, Say Alleged Victims

from The Guardian

More than a dozen pro-democracy activists, journalists and academics have spoken out after WhatsApp privately warned them they had allegedly been the victims of cyber-attacks designed to secretly infiltrate their mobile phones.

The individuals received alerts saying they were among more than 100 human rights campaigners whose phones were believed to have been hacked using malware sold by NSO Group, an Israeli cyberweapons company.

WhatsApp launched an unprecedented lawsuit against the surveillance company earlier this week, claiming it had discovered more than 1,400 of its users were targeted by NSO technology in a two-week period in May.

Filed in a Californian court, the lawsuit described the alleged attacks as an “unmistakeable pattern of abuse” that violated US law.

Two pro-democracy campaigners from Morocco who received the WhatsApp warnings said any use of the sophisticated malware, known as Pegasus, against them would be a serious violation of their rights.

More here.

, , , , , ,

5 Responses to Whatsapp ‘Hack’ Is Serious Rights Violation, Say Alleged Victims

  1. Kathleen Watts November 8, 2019 at 5:19 pm #

    Our world is changing in a way unprecedented. Governmental powers across the globe are changing their approaches to meet the digital world, specifically nations and groups bent on authoritarian control. For most people, the apps they use on their phones just fill up the leisure time they have. However, much of their personal data is incredibly telling to those who want to control or exploit them. People like Aboubakr Jamaï and Abdellatif El Hamamouchi, are finding now that groups will do anything to uncover the actions of those that they feel threaten them. While they may try to persuade us to, we cannot disconnect NSO from their dealings with authoritarian governments. They are not simply onlookers, they are players on the field, and we have no reason to take their word for it. This includes the employees who are mad about their accounts being taken down. The did not react with questions or concerns, they reacted with an exaggerated anger. They called Facebook the world’s biggest privacy violator, which is simply not true. Sure, Facebook has done some pretty unfavorable things with people’s data, but some governmental powers in this day-and-age are much worse. For instance, China has pretty much staked claim in any data they can get their hands on, whether it be their citizens, or people who foreign companies. The NSO employees are simply mad. We’ve talked about this many times before, that companies get rights to our data simply by having us sign Terms of Service Agreements, which we do. Sure, there is a strong case to be made that this practice is manipulative, if the NSO employees are going to call Facebook the biggest privacy violator then maybe they should be aware that they signed their privacy over. On the other hand, almost every governmental power in the world has collected data and information of its citizens without asking or signing a contract. It so obvious that these employees are complicit in the actions of NSO and are trying to redirect blame onto another company. This is not something new and this is not something that is only going to happen once. As we dive further and further into this digital age, we will see more of this. Our technological advances have just opened up new ways for powerful groups to attempt to control the people against them. They don’t need spies moving to other countries and blending in much anymore, they can just set a virus in your phone of hack a database and get your information that way. The real kicker is that the best way for a human rights activist in an authoritarian government to get their message out is to port it. This gives the government access to their personal opinions and makes them targets. It’s good that WhatsApp took initiative to alert some of the people who were targets of this attack, now they know how to defend themselves. This could be a sign that Facebook is changing strides, though that is yet to be seen. We need the help of companies like Facebook in this new age. When groups attempt to harvest the data of people they fear, they only people that can protect and alert us are the people that hold our data and messages. The next era of war is in the cloud.

  2. Tyler Abline November 8, 2019 at 7:00 pm #

    Due to the way we use the internet now, cyber attacks are now a reliable way to cause harm to the victim. Unfortunately activists now seem to be under attack with cyber attacks. Cyber crimes are difficult to combat due to the anonymity that they can be carried out with, but fortunately in this case they seem to know who is responsible. The fact that WhatsApp informed the affected parties and is working on a lawsuit against the aggressors is a positive sign and I think it reflects very well that WhatsApp is working to defend their users. Companies need to take initiative to defend their customers in the event of cyber attacks, and hopefully they follow the lead of WhatsApp. While this Israeli company should be held accountable for selling the malware I fail to see how they will be punished. Cyber attacks like this one will likely only become more and more common, and hopefully we will be prepared to defend against these types of attacks and bring those responsible to justice.

  3. Corinne Roonan November 11, 2019 at 1:23 pm #

    Another day, another hacker. Another hacker, another loss of privacy and data. Another loss of privacy and data, another loss of security. That is how issues like this arise and cause so many issues in our society and government today. The growth of technology, as discussed very often in class deliverables, proves to cause incredible issues with the security of not only people and users, but of entire countries.
    In this case, political activists were hacked on their personal cell phones, a place where so much data piles up and exists for the taking. In this case, hackers from an Isaeli cyberweapons company, took data from the user’s phones through WhatsApp.
    Wait a second. Cyberweapons company? That exists? Apparently so. That in itself seems like an issue calling for resolution. How a cyberweapons company even allowed to exist under the laws of any country is beside me. It is almost laughable, except it absolutely is not because the data and privacy of people is at stake because of such companies. WhatsApp is launching a lawsuit against the company, which makes sense, except it is going to do absolutely nothing to the company. The company is going to continue its operations because quite honestly, if you are involved in a cyberweapons company, you do not care about the value of data privacy unless you can use it against someone else.

  4. Joe Antonucci November 15, 2019 at 8:23 pm #

    I have been seeing an advertisement from the U.S. Army more and more recently. It reads “Can you hack it as hacker for the army?” and is intended to recruit computer science students to put their skills to use for the United States Army.

    We think of ‘warfare’ in pretty conventional ways. We think of soldiers, guns, tanks, and planes. In recent years warfare has become technologically driven, with piloted drones being used to strike targets without jeopardizing any American lives.

    Cyber warfare defies these conventional notions. In some ways, a cyber attack on this nation would be more effective than a conventional military attack. I read a book on this topic by Ted Koppel called ‘Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath.” Koppel argues that “a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared.”

    An attack of this kind would cripple our society. Supermarkets would run out of food quickly when the gasoline stops pumping. Law enforcement would desert their jobs during this time of crisis in order to protect their own families. Anarchy would ensue. Groups would form, claim territory, and fight for limited resources. The worst of criminals would be free to steal or kill without fear of facing justice.

    A scenario like this is much more threatening to this country than ANY form of conventional warfare. Even a nuclear bomb would only wipe out a portion of the nation; a continental blackout would ruin everything, everywhere.

    The army is fully aware of this, and that is why they are looking for ‘cyber warriors’ to help protect the country — and engage in similar cyber attack efforts against our enemies.

    The case of Pegasus being deployed against political dissidents represents the future of warfare, in my opinion. People with the ‘wrong’ views have always had to worry and watch their backs; there is always someone out to get them. This threat is amplified now. Successful hacks may not even result in bodily harm to the individual; the hacker could simply inform the person that their personal information has been seized, and use it to blackmail them into submission.

    For a journalist or activist who is targeted, the damage would not emanate much beyond that individual. The article specifies, however, that “unnamed diplomats and senior government officials” were also targeted. Hackers almost certainly will try (or have tried) to target senators, White House Cabinet members, and other officials who would possess sensitive national security information.

    A legitimate spying attempt on the White House was unearthed less than two years ago. Small devices used to monitor cell phone conversations were found around Washington D.C., and intelligence officials concluded that Israel was responsible. Trump, for whatever reason, did not so much as verbally rebuke the Israelis who were caught spying on him!

    At the very least I can say that the army is visibly trying to keep up with these trends, and that is a good thing. After all, it will mean that the nation is safer.

    I think.

  5. Shamar K November 15, 2019 at 9:03 pm #

    Its seems like everyday there is another headline exclaiming that the privacy, personal data and assets of people are being compromised. It is no surprise to me that the information that is being breached is being narrowly targeted to certain users. Adjacent to the most recent TID that I have written, money rules the world. A company who claims that there core model consists of selling product that “helps” against the war on terrorism is being accused of selling malware that is being used to hack into social activists is absurd. Now, the integrity and reputation of NSO is at risk once again because once again there is no precaution as to who they are selling to. All of this information and detail is superficial and it all comes down to the integrity of a people and business. The fact that their software is being used in such a manner shows and lack of care for human beings and what their company “stands” for. This is the first time that I’ve heard of a company that specializes in cyber weapons. It all seems like a fairytale or movie ideas but it is seen in real life. This all comes down to the moral of the individuals in charge of these valuable companies.

Leave a Reply