As reported by Security Affairs, Poland has instructed government officials to discontinue the use of the popular instant messaging application Signal for sensitive communications. This directive follows a series of cyberattacks targeting government accounts, with suspicions pointing towards Russian-backed advanced persistent threat (APT) groups.The cyberattacks did not compromise Signal's encryption but instead relied on social engineering and account takeover tactics. Attackers impersonated Signal support staff or bots to trick users into revealing verification codes or PINs. Another method involved malicious QR codes or links that allowed attackers to remotely link their devices to victims' accounts, granting access to private chats and conversation history. These campaigns targeted politicians, military personnel, and public servants, posing a significant threat to national security.In response, Poland's Ministry of Digital Affairs is recommending the use of state-developed alternatives, including mSzyfr Messenger for general encrypted communication and SKR-Z for classified information up to the "Restricted" level. This move aligns with similar actions in other European countries, such as Germany and the Netherlands, highlighting a broader trend of governments seeking more controlled communication platforms due to the vulnerability of users to phishing and impersonation attacks, rather than inherent flaws in the encryption of widely used apps.Source: Security Affairs
Government security
Poland directs officials to cease Signal use amid cyberattack concerns

(Adobe Stock)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



