Boardroom Technology

WhatsApp faces daunting security issues

WhatsApp for business communication should be aware of these reports.

“Whatsapp scams explode in Hong Kong,” is the headline of April 9, 2019  press report  in the South China Morning Post. AsiaOne reported a separate Asian security breach: “Beware: there’s a scam involving hacked whatsapp accounts.” And on May 15, 2019, Reuters reported : “In India election, a $ 14 software tool helps overcome WhatsApp controls.”

And then, on May 13, 2019, the Financial Times reported a major global breach in which WhatsApp attackers exploited a vulnerability in the popular messaging app to inject spyware into phones.

The spyware, developed by an Israeli intelligence firm, “is sent through the app’s voice call function to users’ phones. It could not be picked up, so the calls could disappear from call logs, ” according to one expert. Updating the app’s closes the vulnerability, WhatsApp said.

In comparison, the Diligent Messenger app , where the entire application is part of the  Diligent Governance Cloud , has been designed from the bottom up for the highest grade of security.

Here’s why all scandals are breaking out across Asia.

Experts note broad WhatsApp security issues

Facebook-owned WhatsApp is among the most popular social messaging apps in Asia, although it is considered to be stiff competition from local providers like LINE in Japan, the Korean Kakaotalk and the Chinese WeChat, according to one expert .

The popularity of WhatsApp, however, has made it a hit at the office: workers bring their phones to the office with them, and, inevitably, use the app to discuss sensitive workplace topics.

This presents a major security challenge, as security experts give WhatsApp a “Poor” rating for security. It does not protect user IDs and data – in fact, the parent firm Facebook has been known to access this data.

WhatsApp does not use 2-step authentication and user accounts can not be locked down. If a user loses a phone, whoever picks it up gets full access to the WhatsApp account. “The app should have a means to destroy messages,” the expert says.

While messages are encrypted, parallel protection is not used. Richard Dennis, founder of the blockchain firm Temtum, told  The Independent . The hacker can access the data pre-encryption and post-decryption. “

A good example of this was revealed in August 2018: “Security researchers at Check Point found vulnerabilities in WhatsApp that they allowed hackers to edit someone’s messages in a group chat, raising fears that could spread fake news. They were also able to use the ‘quote’ feature in a group conversation to change the identity of the sender. “

Yet another issue: WhatsApp messages are backed up to Google Drive and iCloud. The backups are not encrypted, however, and so hacking into your online storage account provides access to all your messaging according to Matthew Green, an assistant professor at the Johns Hopkins Information Security Institute. That’s what happened to Trump campaign chair Paul Manafort when FBI investigators obtained his WhatsApp messages, and that ultimately led to his conviction in court.

Scandals in Asia

So, what happened in Hong Kong? WhatsApp user identities are not protected – hackers stole the identities of users – and then they use them to contact friends and convince them to invest in point cards for online games, which they expect to resell at a profit. The scam cost victims a total of HK2.7 million ($ 340,000).

And, as AsiaOne reported, hackers across Asia are using fake verification codes to take over accounts. WhatsApp itself, according to experts at the International Institute of Cyber ​​Security. So the user believes he / she is setting up a new account, or changing a password, when in fact the account information is being shared with the cyber criminals.

And, in India, where WhatsApp messaging – hate crimes and violence, WhatsApp restricted the forwarding of any message to a total of five people. But a workaround what made and sold for about $ 14, and that’s annoyed India’s recent elections.

WhatsApp does, there’s a workaround, “Rohitash Repswal, a New Delhi-based digital marketing expert who used the hack to send 100,000 messages, told Reuters.

Diligent Messenger provides Asian companies with bulletproof security

No such issues arise when using  Diligent Messenger,  which is 100 percent secure. Diligent’s  Governance Cloud  has been intensively upgraded to protect it from all existing security threats, and the diligent experts continue to add new hacker threats evolve. Diligent Messenger has its own security features.

Communicating via email or external apps is easy and convenient, but it puts company information at significant risk. In addition to being error-prone, such tools are insecure and vulnerable to phishing attacks, password hacks, and other potential breaches. Cyber ​​risk oversight is a key priority for governance leaders, yet over  50 per cent of directors and C-suite executives use email  to communicate about their organization’s most sensitive topics.

Across industries, directors and executives rely on Diligent’s secure messaging tool to communicate with one another in real time on critical topics. Diligent Messenger can be used to maintain control over confidential communications, distribute documents and files for faster and easier board collaboration, and ensure rapid response during crises. Diligent’s secure messaging tool can be used as a standalone messaging tool as well as a one-stop shop for document sharing and secure communications.

It’s accessible via iOS and Android apps and Web browsers. Diligent Messenger is easy to use across your board sites, with badges, banners, and push notifications alerting you to unread messages or announcements on other sites.

Diligent Messenger features

Using WhatsApp, Skype, WeChat or other traditional public messaging systems creates opportunities for  boardroom communication , as it allows messages to remain in an insecure environment. Diligent Messenger enables safe, secure board member communications wherever your board of directors needs to be.

By moving confidential board communications out of personal systems, it is easy to communicate with the right people at the right time. Diligent Messenger seamlessly integrates with diligent boards  secure  board management software to enable secure messaging and real-time collaboration.

Key Features of Diligent Messenger :

  • Bulletproof security
  • Log-in authentication
  • Options to disable copy / paste and forwarding
  • Message lifespan settings
  • Ability to recall messages sent in error
  • Swift “wiping” capabilities for lost or compromised device

For a free consultation with one of our governance experts you can arrange a meeting now.

Board Portal Buyer’s Guide

With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.

Featured Blog