NCSC warns of messaging app targeting
The National Cyber Security Centre (NCSC), in collaboration with international partners, has issued guidance for individuals who may be vulnerable to targeted attacks via messaging applications. The advisory follows an increase in malicious activity, particularly from actors based in Russia, who are exploiting popular platforms such as WhatsApp, Messenger, and Signal to compromise high-risk individuals.
Messaging apps have become integral to our daily communications, yet they also present a unique set of vulnerabilities. The NCSC has identified that high-risk individuals—those whose roles grant them access to sensitive information or influential networks—are particularly susceptible to these threats. If your position or public profile places you in the crosshairs of potential attackers, it is crucial to remain vigilant.
Past reports from the NCSC have highlighted incidents involving state-affiliated groups, such as APT31 from China, the Russian Federal Security Service (FSB) actor known as Star Blizzard, and Iran’s Islamic Revolutionary Guard Corps (IRGC), all of which have targeted government officials and other high-profile figures.
Attackers may employ various tactics to compromise accounts, including:
- Deceptive methods to obtain login or account recovery codes.
- Silently adding their devices to your account.
- Infiltrating group chats without detection.
- Impersonating known contacts to gain trust.
- Phishing attempts through malicious links or QR codes.
To mitigate these risks, individuals are encouraged to adopt several precautionary measures:
- Avoid sharing sensitive information through messaging apps.
- Utilize corporate messaging services and devices for work-related communications, adhering to organizational policies.
- Refrain from sharing verification codes or scanning unexpected QR codes.
- Activate two-step verification (referred to as Registration Lock in Signal’s settings).
- Utilize passkeys where available, as both WhatsApp and Signal support this feature.
- Regularly review linked devices in settings, and scrutinize group memberships to identify any unfamiliar participants.
- Stay alert for impersonations, unknown contacts, and duplicate entries in your contact list.
- For personal accounts, consider using disappearing messages that self-delete after a specified time, which limits how much message history an unauthorized user could read if they gained access. However, be mindful of any record-keeping obligations you may have.
- Consult the NCSC’s guidance tailored for high-risk individuals, which outlines strategies for enhancing account and device security and provides information on accessing Individual Cyber Defence services to bolster personal cyber resilience.
In light of these developments, the NCSC emphasizes the importance of remaining informed and proactive in safeguarding personal information against evolving cyber threats.