Centre mulls WhatsApp Security System audit

New Delhi: The government wants to conduct an audit of WhatsApp's security systems following revelations of Israeli spyware exploiting its vulnerabilities, IT Minister Ravi Shankar Prasad said but refused to say if the government had bought the spyware.

The Indian Computer Emergency Team (CERT-In) "has clearly said that we want to audit your (WhatsApp) entire system... we have told them that we want to conduct an audit and inspection of WhatsApp's security systems and processes," Prasad said in reply to a short duration discussion in Rajya Sabha over the spying controversy.

He, however, did not give a direct reply to Congress leader Digvijaya Singh's repeated query if the government had bought Pegasus spyware from Isreali firm NSO.

To Singh's question on Home Minister having met WhatsApp officials, Prasad said WhatsApp representatives keep meeting government officials and they "may have met Home Minister as well. After all, WhatsApp has its biggest operations globally in India."

WhatsApp, last month, sued Israeli surveillance firm NSO Group, accusing it of helping those buying its spyware Pegasus break into the phones of roughly 1,400 users across four continents.

The targets of the hacking included diplomats, political dissidents, journalists, along with military and government officials. In India, 121 users are believed to have been compromised. Stating that WhatsApp CEO had made no mention of vulnerability in their system by Pegasus spyware during his meeting with the Ministry, Prasad also warned digital players that they must erect appropriate security walls, failing to which appropriate action would be taken.

"During the high-level engagements like meeting of CEO Will Cathcart and VP Policy Nick Clegg of Whatsapp that took place with the Ministry on July 26, 2019, and September 11, 2019, no mention was made by the high-level Whatsapp team regarding this vulnerability," said Prasad in a statement.