May 15, 2019
If you're like 1.5 billion other people on the planet – or if you are Jared Kushner – you conduct a lot of your personal or business conversations on WhatsApp, the Facebook-owned messaging app that says it's largely impervious to snoopers, hackers, and spooks.
But according to a bombshell report in The Financial Times earlier this week, the app has long contained a critical flaw that's enabled hackers to tap into your smartphone just by placing a WhatsApp voice call to you.
The hack relied on a program written by the Israeli tech firm NSO, which designs powerful snooping tools for law enforcement and counterterrorism officials in the Middle East and "western countries."
But it appears that political dissidents, human rights activists, and even a lawyer filing a liability suit against NSO itself were targeted – the FT report doesn't say who the attackers were.
WhatsApp says the bug has been fixed as of Monday. But this story – in which a commercial hacking program sold to governments was used to violate people's privacy and snoop on dissidents –illustrates a few big political challenges that we've highlighted in discussions about cybersecurity.
Cyber-arms control is hard. Cyberweapons, being scripts of computer code, can be very hard to control and contain, even with close oversight of who gets to buy them.
Mission creep is easy. Companies like NSO say they sell these products only to police and counterterrorism officials – but once they are in government hands, they can be used (or sold, or stolen) for other purposes or by other parts of the state.
Liability is murky. Who should be held accountable here: NSO for developing a product that was used beyond its (presumably) stated intent? Or WhatsApp for failing to guarantee the security of its own platform?
Surveillance and espionage are hardly new. But never before has there been a device that contained as much data about your thoughts, habits, preferences, movements, and personal relationships as the device you're holding or reading right this second.
The upshot: With hackers, governments, and commercial developers all trying to figure out how best to crack into it – what are the rules of the game?More For You
- YouTube
Is AI advancing faster than our ability to regulate it? At the 2026 US-Canada Summit in Toronto, hosted by Eurasia Group and RBC, Ian Bremmer says the biggest issue with AI is not the technology itself, but the lack of governance keeping pace with its rapid development and rollout.
Most Popular
Iranian President Masoud Pezeshkian displays a memorandum of understanding after signing it in Tehran, Iran, on June 18, 2026, after the document was signed by US President Donald Trump.
Iranian Presidency via ZUMA Press
The interim agreement to end the war, signed by both sides on Wednesday, appears to tilt toward Iran. But the regime remains vulnerable.
A displaced woman holds an Iranian flag as she makes her way back to her home in southern Lebanon, on the highway of Sidon, Lebanon, June 16, 2026.
REUTERS/Zohra Bensemra
On June 14, the US and Iran announced a deal to end the war. A signing ceremony is set for Friday. The terms include an immediate ceasefire on all fronts. With both sides spinning the deal as a victory, there are plenty of ways for this to go wrong.
Sports inspire greatness, determination, and resilience — both on and off the field. Bank of America is proud to celebrate the achievements of and uplift communities through the power of sports. Learn more about how Bank of America supports athletes in life and in the game.
© 2025 GZERO Media. All Rights Reserved | A Eurasia Group media company.
