Archives  >  2019  >  November  >  1st

WhatsApp Attacks

1. What’s the story?

In news that has been taking the world by storm, messaging giant WhatsApp has confirmed that “… journalists and human rights activists in India have been targets of surveillance. The Indian victims of illegal spying were among those globally spied upon by unnamed entities using Israeli spyware, Pegasus, which is a software created by an Israeli company.” Around 17 activists have confirmed that they have received messages from WhatsApp informing them of being victims of illegal spying. These include academics like Anand Teltumbde and Saroj Giri, as well as activists and journalists like Sidhant Sibal and Shubhranshu Choudhary.

Tell me more.

It doesn’t bear repeating that this is a serious breach. In response, the Ministry of Communications and Information Technology has asked WhatsApp for an official reply by November 4th. Minister Ravi Shankar Prasad also expressed his concerns over these recent developments, assuring the public that the Government will do everything possible to protect national interests. 

In the meantime, WhatsApp has come out with a set of instructions to users, detailing how to protect oneself from spyware attacks like these. (Quick recap: Spyware is software that enables a user to obtain covert information about another’s computer activities by transmitting data covertly from their hard drive.)

“The Facebook-owned messaging service listed the two precautionary measures in a message to users it believed were affected by the sophisticated Pegasus spyware. “How to stay secure: Always use the latest version of WhatsApp and keep your mobile operating system updated to receive the latest security protections,” it read.

The message also explained that while WhatsApp had earlier stopped an “advanced cyber actor” from exploiting its video-calling service to install spyware in certain mobile phones, there was a possibility that the device in question could have been affected.

This message was sent to likely victims of the spyware scandal before Facebook sued cybersecurity company NSO for over $75,000 in damages on Tuesday. It has alleged that the Israeli firm illegally used WhatsApp servers to sneak Pegasus into phones belonging to 1,400 users across 20 countries.”

Allegedly, the Pegasus software gains control of a phone’s operating system during a video call, giving attackers access to all sorts of private data, including messages and passwords. 

So, what now?

The Opposition, in the meantime, has launched a scathing attack on the Government, asking the public to “follow the money trail.” 

“ “The Govt seeking WhatsApp’s response on who bought Pegasus to spy on Indian citizens is like Modi asking Dassault who made money on the sale of RAFALE jets to India,” tweeted Rahul Gandhi

Earlier on Thursday, the Congress accused the government of being behind the entire controversy and demanded an investigation monitored by the Supreme Court. 

Congress chief spokesperson Randeep Surjewala said his party suspects that even judges of the Supreme Court and high courts, besides many opposition leaders, have been snooped upon. 

“We suspect that many opposition leaders and judges of the Supreme Court and high courts are in this list,” Surjewala said.”

Keep your eyes on this space. We’ll keep you updated.

2. Where else should I be keeping my eyes on?

Jammu and Kashmir, that’s where. 31st October 2019 is a significant date for this newly restructured state and union territory. 

“31 October is here, and with it, the next big step in the Modi government’s Mission Kashmir.

Back in August, the abrogation of Article 370 was closely followed by the news that the State of Jammu & Kashmir would be bifurcated into two new Union Territories.

The Jammu & Kashmir Reorganisation Bill was introduced in the Rajya Sabha on 5 August and passed by both Houses of Parliament on 6 August itself. However, it did not take effect immediately, with 31 October set as the date when it would come into force as an Act.

The most significant change is likely to be the application of the Indian Penal Code and the central Code of Criminal Procedure.

J&K had its own Ranbir Penal Code and CrPC, which were mostly the same as their central equivalents. But because these were technically separate laws, it meant legislative and judicial changes to the law didn’t automatically apply there.

For instance, the Supreme Court judgments decriminalising consensual homosexual acts under Section 377 of the IPC and its striking down of the child marital rape exception in Section 375 of the IPC, did not apply to the state.”

The troubled state has been under sporadic communication shutdown since August.

3. What more?

Veteran CPI leader and one of the main critics of the Bofors scam, Gurudas Dasgupta, passed away in Kolkata on Thursday. He was 83. A well-respected trade union leader of AITUC, he had also been elected as member Lok Sabha and Rajya Sabha multiple times. (Quick recap: AITUC or the All India Trade Union Congress is the oldest trade union federation in India.)

“ He was born on November 3, 1936, in Barishal district (now in Bangladesh) of undivided Bengal. After partition, he along with his parents and siblings moved to West Bengal. A fiery orator who never shied away from raising issues concerning the masses and the working class both inside and outside parliament, Dasgupta was baptised into politics as a student leader during the tumultuous ’50s and ’60s. 

He served as the president and general secretary of the undivided Bengal Provincial Students’ Federation in late ’50s and went underground several times. 
fter the CPI split in 1964, which led to the formation of the Communist Party of India (Marxist), Dasgupta decided to stay with the parent party. Later, he was shifted to the labour wing of the party in the early ’70s to work among the labour force employed in the organised and unorganised sectors.”

4. Anything else?

In more hacking stories, early this week, a cybersecurity expert made public that the Kudankulam Nuclear Power Plant might have been victim of a cyberattack. The Government, in a strange set of events, first denied the story and then went ahead and accepted the allegations. Here’s how it all unfolded.  

“After a day of denial, the Nuclear Power Corporation of India admitted on Wednesday that a malware attack had hit the NPCIL system at the Kudankulam Nuclear Power Plant in Tamil Nadu. It, however, said the damage was limited to a personal computer of a user at the facility and that the core systems of the nuclear plant was isolated from the internet, and thus not in harm’s way. 

Core systems of nuclear plants are rarely connected to the internet. Nevertheless, rogue nations such as North Korea could try to access and steal information by targeting admin and IT systems. Also, the Stuxnet attack that took down centrifuges in Iran, and traced to the US and Israel, has shown malware or harmful code can be inserted by other means, in Stuxnet’s case through a USB stick.”

We’ll keep you updated on the latest developments on this.

5. Is that all?

In an interesting development, German farmers have sued Chancellor Angela Merkel’s administration over its failure to meet climate protection targets. The court has initially dismissed the first-ever climate lawsuit, but things might not be over yet

“For now, three German families have been thwarted in their attempt to sue Chancellor Angela Merkel’s administration over its failure to meet climate protection targets, a spokesman for the administrative court in Berlin told CNN.

But they are still hopeful, Roda Verheyen, the plaintiffs’ lawyer said. “Even if we have lost the day, there are lots of statements that are very important in this judgement that will need to be recognized in policy and law,” Verheyen told CNN, adding that they had been given the opportunity to appeal.

The judges said that, while climate inaction was potentially damaging to human rights, they were unable to determine to what extent or how quickly the government must act, Verheyen added.

The families had pointed to livestock strained by searing heatwaves and reduced crop yields due to extreme weather fluctuations as signs they were already being impacted by climate change. Backed by the environmental group Greenpeace, they were hoping to hold German authorities accountable for their pledges to reduce greenhouse gas emissions.”

6. Before you leave…

Read about how this man “had a bag of weed removed from his nose after 18 years.”

“The man thought he accidentally swallowed the bag when he smuggled it into prison in his right nostril. He hadn’t.”

Your subscription could not be saved. Please try again.
Your subscription has been successful.
Copyright © 2019, Tramline Media