IT Security is very challenging and only vigilance and preventive measure can protect your systems

IT Security is very challenging and only vigilance and preventive measure can protect your systems

Facebook just reported this week about an Israeli security firm called NSO development of a spyware which they sell to governments around the world to hack into communication devices. This spyware was used to hack into the Whatsapp calling function to call the target phone and install the surveillance app. NSO client use buffer overflow vulnerabilities in the Whatsapp Voice over Internet Protocol (VoIP) stacks to enforce remote code execution via series of Secured Real-time Transport Protocol (SRTCP) packets sent to a target phone number.

This attack occurred because it is most likely that there is no code signing technology deployed in Whatsapp and its encryption and digital signature could not keep the spyware out. The fact that there was code injection using this vulnerability shows deeper flaw in the development of the app core or root of trust and its code signing and input validation capabilities. If the Whatsapp code is not signed, how come any data injection is not stopped by impute validation system?

Hence specific details are not provided (it is standard IT security policy though), it is also possible the NSO spyware attack utilized the Dynamic Link Library (DLL) injection, which compromises system memory and manipulating it into running the spyware as an authentic command. It does not seem that Whatsapp has a detective control or deterrent control or preventive control systems to prevent this kind of attacks.

With the money they spent in purchasing the app, you will think they will invest in thorough security sweep of the app to ensure this kind of flaws are prevented. Anyway, without boring you with IT technical terms, it goes to the unconscionable conducts of big tech which undermines to ethical and professional standard of the whitehat hackers and computer programmers.

We have heard how Boeing offered security features of something as big and critical system like aircraft as an optional feature and we have people showing sympathy for them. It is all about dollar and no emphasis on the security and privacy of consumers in protecting human life.

Anyway, I am mentioning this because it is a lie that this problem was recently found in Whatsapp. I suffered same attack since over two years now, warned people, mentioned about the surveillance on my devices on Facebook and Twitter posts, and this problem is not just on Whatsapp alone. Other communication networks like AT & T and T – Mobile has been compromised and so was Viber app, different communication systems like calling card technologies, conference calls and internet calls.

These Tech companies should start taking the ethics of this very important future industry for the world (IT) very serious and take the fiduciary duty of care to include consumers just as they take their shareholders’. Like NSO responded, it is all about money. No more privacy, after all, the consumers do not care about their own privacy. They share everything in social media. So, there is no motivation for the industry to spend more money providing security feature that the people do not care about having.

I have been telling people that many of these apps are not safe, that there is spyware hidden in my phones by people surveilling me, I have changed phones and each time, they find their way into new phones using the same or other vulnerabilities. The congress has been silent and provides no oversight over the irresponsibility of these tech people and blackhat hackers. Every cybersecurity specialist should be ashamed of this kind of embarrassment and cover ups. It makes us look bad!

Ebelechukwu P. Elochukwu

Author: ETHIC

Enterprise Technological Health & Infrastructural Corporation (ETHIC) was established by visionary and professional entrepreneurs who have a special interest in governments, leadership, enterprise solutions, businesses, individuals and families in need of quality products and services at competitive prices. Investment opportunities are available for any entrepreneur. No startup capital is required. Strong sales, marketing and excellent customer service skills are just what is needed for you to succeed. You will be amazed at how much return you will receive on your investment (Strong sales, marketing and excellent customer service skills). Give us a call and just try it. It will not affect your job or career. You also make your schedule and work at your leisure. You are your own boss. It is your own business. Sometimes your budget does not give you enough bargaining or buying power to get the supply of quality goods and services that you need for the growth of your business. However, you don’t want to compromise the quality of your products and services. We are willing to work with your budget. We provide Business Solutions, Office Solutions, and Trade Solutions. These services are provided at a very competitive rate to enterprise organizations, small businesses, homes, home offices, entrepreneurs and individuals. Our sub-divisional products and services include but are not limited to: 1. Furniture 2. Computer Sales & Services 3. Office Supplies 4. Business Tools 5. Web & Graphic Design 6. Secretarial & Administrative Support 7. Printing of Letterhead, Business Cards, Brochures, Flyers, Event Programs, Stationery & Newsletters 8. Document Typesetting 9. Photocopies 10. Fax, Phone & E-mail 11. Interior Decoration 12. Digital Imaging Products Sales & Services 13. Home Office Maintenance 14. The Planning, Setup & Improvement of Offices & Home Offices 15. Janitorial Services All these products and services are what we call Business and Home Solutions. Our contractors/consultants make use of our technological tools to provide excellent and efficient service to our customers. We deliver great and high quality products. We also build special relationships with our customers; because every one of our staff understands that customers come first at ETHIC. We welcome you to experience the difference in the way we do business. We thank you and appreciate your visit to our web site today. If you purchased any product or service, we appreciate your business. Please come back again. Leave a comment and let us know how we are doing!

Leave a Reply