[ad_1]
Department of Communications and Digital Technologies announced yesterday that the WhatsApp account of Minister Stella Ndabeni-Abrahams had been hacked.
The department said the hack had resulted in the exposure of private and confidential information.
While the department inferred that the minister’s WhatsApp account had been compromised, it is unclear how the attackers allegedly gained access to the minister’s WhatsApp messages.
MyBroadband asked the Department of Communications for additional information about the attack, but declined to provide further comment.
To outline the possibilities that may have caused the minister’s WhatsApp account to be compromised, we spoke with Orange Cyberdefense South Africa CEO Dominic White.
White clarified that his analysis was speculative considering the lack of information shared by the department about the hack.
“No information has been shared, so my response is a generic ‘what if’ rather than any kind of informed take on what happened in this specific incident,” White said.
Compromise the minister’s WhatsApp account
White said that hacking WhatsApp directly to target a specific person would be a sophisticated and risky attack, and therefore the least likely possibility.
He described the following alternative scenarios in which an attacker could have gained access to the Minister’s WhatsApp account, ordered from highest to lowest probability:
- Physically copy some messages from the device or other backup copies, for example, to a laptop or external hard drive.
- SIM swap fraud. This will show.
- Access to WhatsApp Web, which is most easily achieved through short-term access to your device. This could also be noticed when WhatsApp notifies you of other sessions.
- Access to your backups in the cloud, for example, social engineering, your iCloud password.
- Malware on your device, either through a hack of your iPhone or short-term physical access. This would be a more sophisticated hack that would require private iOS exploits.
“You will notice that most of these are not actually attacks against WhatsApp directly, but rather other places where WhatsApp messages can be stored or accessed,” White said.
Scope of the hack
He added that although WhatsApp’s confidential information was exposed in the alleged hack, other applications and accounts could also have been compromised.
“They say that your WhatsApp account has been hacked, but that does not mean that only your WhatsApp account has been exposed. Depending on the attack, other accounts could also be exposed, “White said.
“They may be noting the WhatsApp account publicly to instruct people to validate the WhatsApp communication you received from it.”
“There may also be politics at stake, but I am not an expert on that and I would prefer not to get involved in that speculation,” he said.
Regarding the legitimacy of the department’s claim that the account was actually hacked, White said this would require a thorough investigation to determine.
“Until we see the comments of a capable investigator, or the information comes out in court proceedings, it is highly unlikely that we will obtain useful facts to make an independent determination,” he said. “Time will tell.”
The Minister plans to inform the media at 1:00 p.m. on Tuesday, October 6 on “material news within the framework of the Portfolio of the Department of Communications and Digital Technologies.”
It is unclear if this report will shed more light on the hack reported yesterday by the Department.
Now read: Cosatu plans a one-day strike
[ad_2]
