In an interview with the Guardian, the WhatsApp CEO talks about NSO malware and says Apple should “be loud, join in” rather than saying this won’t affect many of its users.
Last weekend, an explosive report from Amnesty International detailed targeted attacks towards target human rights activists, lawyers, and journalists using Apple’s iMessage system as a vector by which to deliver the zero-click attacks.
During this week, the Pegasus project, a collaboration of 17 media organizations that investigated NSO, showed that senior government officials around the world were target by governments with NSO Group spyware in a 2019 attack abasing 1,400 WhatsApp users.
The Guardian reports that “Cathcart said that he saw parallels between the attack against WhatsApp users in 2019 – which is now the subject of a lawsuit brought by WhatsApp against NSO – and reports about a massive data leak that are at the center of the Pegasus project.”
In the interview, WhatsApp CEO praised recent moves by Microsoft and others in tech industry but called on Apple to adopt the same approach.
“I hope that Apple will start taking that approach too. Be loud, join in. It’s not enough to say, most of our users don’t need to worry about this. It’s not enough to say ‘oh this is only thousands or tens of thousands of victims’,” said Will Cathcart.
Cathcart is just another voice raised against Apple for the company to take action about this issue. Over the past week, researcher Will Strafach and Johns Hopkins security professor said that Apple can do more when it comes to combating NSO and others who exploit combat zero-day vulnerabilities in iOS.
In a statement provided to the Washington Post last weekend, after the report from Amnesty International, Apple defended its security practices and said it leads the industry in security innovation.
“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
About WhatsApp CEO allegations against NSO, an spokesperson said to the Guardian:
“We are doing our best to help creating a safer world. Does Mr Cathcart have other alternatives that enable law enforcement and intelligence agencies to legally detect and prevent malicious acts of pedophiles, terrorists and criminals using end-to-end encryption platforms? If so, we would be happy to hear.”
FTC: We use income earning auto affiliate links. More.