The Indian Government has warned WhatsApp to fortify the security and said that it will ‘not tolerate‘ any such breaches in the future. IT Minister Ravi Shankar Prasad said that the Personal Data Protection Bill is set to be proposed soon.

Crux of the Matter

1. India has sought a report from WhatsApp over the Pegasus spyware attack that hacked mobile phones of 121 prominent Indian citizens.

2. Minister brought to the notice that a ‘vulnerability note‘ was issued by the Computer Emergency Response Team-India (CERT-In) on 17th May 2019.

3. On 20th May 2019, WhatsApp had informed CERT-In in writing that it had fixed a vulnerability that may allow remote control of one’s device.

4. IT Minister Ravi Shankar mentioned that were adequate laws in place to counter hacking and spyware and that a new bill protecting personal data of users is expected to be proposed.

Curiopedia

WhatsApp End-to-End Encryption – On April 5, 2016, WhatsApp and Open Whisper Systems announced that they had finished adding end-to-end encryption to “every form of communication” on WhatsApp, and that users could now verify each other’s keys. Users were also given the option to enable a trust on first use mechanism in order to be notified if a correspondent’s key changes. According to a white paper that was released along with the announcement, WhatsApp messages are encrypted with the Signal Protocol. WhatsApp calls are encrypted with SRTP, and all client-server communications are “layered within a separate encrypted channel”. Read More

Curated Coverage

1. Times of India – WhatsApp expresses ‘regret’ over Pegasus snooping row

2. Live Mint – Centre warns WhatsApp against any further breaches in security

3. NDTV – Centre Denies Role In WhatsApp Snooping, Says Issued Warning Months Ago

#CyberWarfare #Pegasus #Surveillance #WhatsApp