India plans to launch a security assessment of WhatsApp amid spyware scare. Of late, WhatsApp is dealing with serious security concerns raised due to NSO Group - Pegasus spyware controversy came to light last month. In light of these ongoing security concerns, India is looking to conduct a security audit of the Facebook-owned messaging app.
During his discussion in Parliament on Thursday, IT Minister Ravi Shankar Prasad said that WhatsApp CEO Will Cathcart had not mentioned about any vulnerability of their system during their meetings with the ministry and that the government was yet to receive the names of people targeted by unnamed entities using Pegasus spyware.
Replying to a question in Rajya Sabha, Prasad said the government had issued a notice to Israeli technology firm NSO Group, which created Pegasus, on November 26, seeking details about the malware as well as its impact.
My statement in the Rajya Sabha on the Calling Attention Motion regarding security breach of WhatsApp users by Pegasus spyware. pic.twitter.com/t3rAJhiAIC— Ravi Shankar Prasad (@rsprasad) November 28, 2019
Government of India is firm in seeking reply from WhatsApp and will take appropriate action and we have sent notice to NSO as well. In future we will also take action as required. pic.twitter.com/DHBaqhccTU— Ravi Shankar Prasad (@rsprasad) November 28, 2019
Last month, WhatsApp filed a lawsuit against NSO Group for hacking into 1400 accounts using its highly sophisticated Pegasus spyware software. Facebook's lawsuit against NSO Group had said the software developed by NSO known as Pegasus was designed to be remotely installed to hijack devices running the Android, iOS, and BlackBerry operating systems.
When reports about the breach came in media, CERT-IN (Computer Emergency Response Team) sought submissions from WhatsApp in Septemeber, including a need to conduct an audit and inspection of WhatsApp security system and process, Prasad said.
"The response from WhatsApp was received on November 18, 2019 and further clarification and technical details have been sought on November 26, 2019.
"CERT-IN has also sent a notice to NSO Group on November 26, 2019 seeling details about the malware and its impact on Indian users," he said.
Prasad also said that the government is committed to ensuring the safety and security of online platforms such as WhatsApp. He also said that the government is also working to strengthen the Information Technology (Intermediaries Guidelines) Rules 2011. The minister asserted India would never compromise its data security.
(With agency inputs)