Burn after reading
It appears foreign hackers have been attacking cell phones and other devices belonging to politicians, bureaucrats, and members of the military. The hacking attempts, according to the Inter-Services Public Relations (ISPR), involved “a range of cybercrimes including deceitful fabrication by hacking personal mobiles and technical gadgets”. Although the ISPR, in a statement on Wednesday, did not specifically name anyone while saying, “Various targets of hostile intelligence agencies are being investigated” as the primary “hostile”, India remains the prime suspect. The statement also said the Pakistan Army has increased countermeasures, including taking “action against violators of standing operating procedures on cybersecurity”. The military’s media wing also said that an advisory is being sent to all government departments to help identify security lapses and enhance cybersecurity. This implies that the hack was at least partially successful.
Intelligence services trying to hack phones is nothing new. The US, Israel, Russia, China, and the Middle Eastern countries all accuse each other of doing so from time to time. Pakistan and India do so as well. But given that India and Pakistan’s situation is tenser, more care is needed. Also, while details of the hack are still obscure, we know that in March, the federal government had tried to ban the use of social networking apps on official phones and computers. Such restrictions are nowhere near radical. In many countries, official phones cannot be used for any personal communications or business at all. In the case of internet-related actions such as personal email, browsing, and app use, the added security risks are a significant factor. Unfortunately, compliance is low because of a combination of technological illiteracy, ignorance, and defiance.
We in the media have seen how much official business is conducted through WhatsApp instead of proper channels such as email or website updates. Press statements and material are all sent, often solely, through the chat app instead of the correct official channels. Confidential documents are often moved internally the same way. A misused phone thus becomes a bastion of information for hackers. In 2016, Pegasus, an Israeli-origin malware for WhatsApp, was believed to have infected the phones of at least 1,400 senior government and military officials in 20 countries, including Pakistan. Although security updates quickly follow the discovery of malware, the damage is often already done.
The safest option, therefore, remains to treat confidential information as confidential, and burn after reading.
Published in The Express Tribune, August 14th, 2020.
Like Opinion & Editorial on Facebook, follow @ETOpEd on Twitter to receive all updates on all our daily pieces.