How do you protect the private conversations on apps built for privacy when the very accounts themselves are the target? That is the dilemma the United Kingdom’s cybersecurity agency has laid bare.
What the NCSC announced
The National Cyber Security Centre (NCSC), the UK’s cybersecurity agency, has issued a security alert saying hackers are targeting WhatsApp and Signal accounts. In that alert the NCSC offered advice to “high-risk’ individuals” on how to protect against social engineering and other cyber-attacks.
What the notice covers
The agency’s communication focused on two encrypted messaging services by name — WhatsApp and Signal — and on the threat vector of social engineering. The alert both identifies those services as being targeted and signals that guidance has been provided specifically for people described as “high-risk’ individuals.”
Why this matters — perspectives to consider
For technologists: an NCSC alert elevates an operational issue to the level of national cybersecurity guidance, indicating a need to review authentication, account recovery and verification practices for the messaging platforms named.
For policymakers: the alert underscores that national-level cyber agencies are monitoring threats against consumer messaging services and are prepared to issue targeted advisories when they assess a specific risk.
For users: the agency has explicitly offered advice to those it considers “high-risk’ individuals,” which is a prompt for anyone who believes they fall into that category to seek and follow official guidance from the NCSC.
For adversaries: the public notice that accounts on WhatsApp and Signal are being targeted highlights that attackers are focusing on widely used communication channels and on techniques that rely on manipulating people — social engineering — rather than purely technical exploits.
Where to turn next
The NCSC has issued the alert and accompanying advice; those concerned are best served by consulting the agency’s guidance directly and applying the recommended protections. The notice is a reminder that when a national cybersecurity body speaks about targeted attacks, individuals, organizations and service providers should take the guidance seriously.
https://www.infosecurity-magazine.com/news/ncsc-alert-hackers-whatsapp-signal/




