It isn’t just teenagers that likely spent far too much time staring at their mobile device’s screens. Smartphones have provided constant communication, access to news and other information, and of course mobile games. While all of this can be a distraction that impacts actual in-person social interaction, as well as a potential health risk, there is also the increasing likelihood that some of the more popular apps for communications could be a very serious problem for national security. At issue is the proliferation of consumer-grade communications applications, most notably WhatsApp. The widely used app is all too often installed on mobile devices within the military community, and that could even put operations at risk.
What is WhatsApp?
Released as a freeware, cross-platform centralized instant messaging (IM) and voice-over-IP service in 2009 – and acquired by Facebook in February 2014 – WhatsApp allows users to send text and voice messages, but also to make voice and video calls, to share documents, and provide user locations. The main client runs on mobile devices, but it is also accessible from desktop computers.
The service, which requires a cellular mobile telephone number to sign up, has more than two billion users worldwide. Because of its capabilities, it has become a primary means of Internet communications in Latin America and India, as well as some parts of Europe and Africa. However, China has banned the service, while Iran has also proposed to block access to the service.
There have also been reports that the platform had been used by terrorist organizations, including ISIS, which may have used WhatsApp to communicate prior to the November 2015 Paris attacks.
Breeding Ground for Disinformation
What is also unique about WhatsApp is that some law enforcement agencies as well as those in the intelligence community (IC) around the world have complained that its end-to-end encryption makes it hard for police and other agencies to monitor potential suspects. Messages sent via the app can’t be intercepted during transmission, even by Facebook. The issue of this level of end-to-end encryption in WhatsApp and similar platforms has also been seen as worrisome by U.S. lawmakers.
Last year U.S. Senators Lindsey Graham, Tom Cotton, and Marsha Blackburn introduced the Lawful Access to Encrypted Data Act.
At the same time, even as WhatsApp provides that greater level of encryption, some have argued it is a moot point as cloud backups are enabled. Moreover, the messages aren’t secure once they’ve been decrypted on a user’s device.
“Insecure platforms like WhatsApp make it easy for bad actors to start and spread disinformation, which we have seen spread like wildfire,” warned Jorhena Thomas, professorial lecturer at the School of International Service at the American University.
“Disinformation that is emotionally appealing is all the more dangerous, and tends to be forwarded quickly and widely,” Thomas told ClearanceJobs. “The national security implications of this are huge, not least of all because these viral messages can incite riots and cause people to act in dangerous ways. This can be destabilizing for both governments and citizen populations.”
Insecure Communications
The technology behind WhatsApp and similar programs is just one part of the issue. Insecure communications can be easily compromised even if encrypted, if someone can gain access to the device; yet the greater problem is the way these apps are increasing used.
“At one level people are too comfortable with social media, especially when it comes to the information they find on platforms, including Facebook, Twitter and YouTube,” explained technology analyst Charles King of Pund-IT.
The encryption is only good if someone is sure that the device isn’t compromised – such as being cloned or otherwise monitored. Likewise, conversations in a public space could be overheard or someone could even see what is on the screen.
Then there is the way that the platforms could be used by bad actors.
“As many surveys have noted, those sites have become go-to news sources for a growing percentage of Americans, even though the ‘news’ they dispense is often shaped or skewed by interested parties, including foreign governments that are no friends of the U.S.”
That spread of misinformation on these platforms could be as much a problem as insecure communications.
“That last point is critically important when it comes to military and government professionals who have access to sensitive or secured intelligence information,” King told ClearanceJobs. “Those people are often targeted by foreign entities seeking access to vital government data. In fact, such attacks are so common that a year ago the FBI and the National Counterintelligence and Security Center (NCSC) released the film Nevernight, which is based on a case of an intelligence professional who was targeted and fooled by foreign entities into sharing sensitive information.
“Given their prevalence, it’s natural to be comfortable with social media sites but those platforms are also being weaponized by harmful people and entities,” King added. “Becoming too comfortable with Facebook and other sites effectively paints a target on your back.”
