UN officials barred from WhatsApp

281

UN officials do not use WhatsApp to communicate because “it’s not supported as a secure mechanism,” a spokesman said after UN experts accused Saudi Arabia of using the online communications platform to hack the phone of Amazon chief executive and Washington Post owner Jeff Bezos.

The independent UN experts said they had information pointing to the “possible involvement” of Saudi Arabia’s Crown Prince Mohammed bin Salman in the alleged 2018 cyberattack on the billionaire Amazon chief.

They called for an immediate investigation by US and other authorities, based on a forensic report by Washington-based FTI Consulting. The report alleges Bezos’ iPhone was hijacked by a malicious video file sent from a WhatsApp account used by the crown prince.

Asked if UN Secretary-General Antonio Guterres communicated with the Saudi crown prince or other world leaders using WhatsApp, spokesman Farhan Haq said: “Senior officials have been instructed not to use WhatsApp, it’s not supported as a secure mechanism.”

“So no, I do not believe the secretary-general uses it,” Haq said. He added the directive not to use WhatsApp was given to UN officials last June.

Asked about the UN move, WhatsApp said it provides industry leading security for more than 1,5 billion users.

“Every private message is protected by end-to-end encryption to prevent WhatsApp or others from viewing chats. The encryption technology we developed with Signal is highly regarded by security experts and remains the best available for people around the world,” said WhatsApp Director of Communications Carl Woog.

For that reason, any ban specifically singling out WhatsApp, owned by Facebook, might leave digital security experts scratching heads.

WhatsApp “is taking security seriously compared to others,” said researcher Oded Vanunu, whose company, Tel Aviv-based Checkpoint, regularly finds flaws in messaging apps.

“Every application has vulnerabilities you can exploit in some way,” he said, noting WhatsApp was particularly good at fixing them. “Other instant messaging companies dream of their kind of security procedures,” he said.