The Indian Army has asked its officers to stay away from social media platforms like WhatsApp and Facebook. They have been asked to deactivate their Facebook accounts and not to use WhatsApp for any official communication.
The Army officers holding critical posts in all headquarters, divisions and brigades have been issued an advisory last month which states that WhatsApp is a vulnerable platform and so should not be used for any official communication. Despite the end-to-end Encryption feature, the advisory warns that WhatsApp’s perceived protections disappear as soon as a computer or mobile device becomes compromised, as reported by The Print.
The news comes after Israeli spyware Pegasus was reported to target journalists and senior government officials this year. Attackers first gained access to Israeli developer NSO Group’s Pegasus spyware which was then exploited to access users’ camera, microphone, location and all the texts. The malicious code was transmitted by calling users on WhatsApp and the method even worked when the call was not answered.
The Army Cyber Group analyzed the social media trends and then identified a new set of problems on the ways its personnel use the internet. Since 2016, the army has been following a social media policy.
As per the advisory issued, Facebook is a crucial source of collecting intelligence. So the officers having their Facebook accounts should consider deactivating it. Apart from this, the advisory has also asked the personnel families to put a stop to posting their pictures in uniform. They should also not post the photographs or details of sensitive locations on Facebook or other social media apps.
The advisory has reported earlier instances of loss of information through social media. It states that officers holding critical positions are at more risks as harmful agencies possessing experienced tools monitors and analyses data on social media.
While creating accounts on social media platforms, Army personnel should be cautious in giving out personal and professional details. Information can be extracted just by analysing posts or comments on social media made by either army personnel or their families or friends. It also cautions army personnel to not link their Gmail accounts to multiple other applications.