After the NSO Group’s (an Israeli cybersecurity firm) alleged attack on WhatsApp, Pakistan’s Ministry of Information Technology has barred higher Pakistani officials from sharing any government documents over the Facebook-owned platform.
The debate about WhatsApp’s security being compromised started back in May this year. WhatsApp has a buffer overflow weakness that allowed the NSO Group to plant spyware in more than 1400 devices, out of which some were allegedly from Pakistan.
On 29th October, Facebook filed a lawsuit against the NSO group claiming that the cybersecurity firm sold a hacking platform in several countries (Pakistan included). The platform exploited WhatsApp’s buffer overflow flaw and helped clients hack into cellphones between a timeframe ranging from April 29, 2019, and May 10, 2019.
As a result, Pakistan’s Ministry of Information Technology issued a letter dated 8th November 2019, asking higher officials to not use WhatsApp for official communications.
The ministry has asked the officials to:
- Not share classified or official information over the platform.
- Upgrade their WhatsApp to the latest version which fixes the buffer overflow issue.
- Replace their smartphones in case they were bought before 10th May 2019.
Just a week ago, a similar advisory was issued by the Indian army which mentions that there have been instances where information was lost through social media, which shows the negligence of army personnel.