Threats Associated with the Use of Instant Messengers
The development of cloud technologies has also increased the influence of instant messengers on our lives: they are convenient when important files, correspondence, contacts are at hand, which we can share with a few clicks on a smartphone. We are so used to all this that we completely do not notice the amount of confidential information that we pass through instant messengers every day. This, in turn, accompanies the emergence of several threats from the use of messengers.
The threat model will be highly personalized because we are dealing with personal data. Each user must answer a few questions:
- What exactly do you need to protect? Correspondence, content, identity, metadata, location? It is possible that all of the above.
- Who do you need to protect your data from? From advertising companies, government, hackers, abusers? Each option has its strengths and weaknesses, it is important to take this into account.
- Consequences if the data gets to the person from whom the user builds protection. It is essential to understand here that a messenger that effectively implements the protection of your messages and metadata is less suited, for example, for entertainment, and can be inconvenient for everyday use. Is it a matter of life and death for you, or do you just want to be trendy?
Here are the potential threats:
- Data leak. Gaining an attacker’s access to confidential information from the messenger (by intercepting messages, accessing message logs, extracting data from the cloud, successful authentication) will allow several unpleasant attacks with unpredictable consequences. This can be blackmail, impersonating a trusted person, collecting information for the implementation of more complex schemes using social engineering.
- Location disclosure. For example, if the function of sharing the current location is activated, or if the messenger allows you to reveal your mobile number, an attacker can draw up your daily schedule for your presence in a particular location. One can use these personal routes of movement for personal purposes to develop an attack or sell to others.
- Code vulnerabilities and compromised software. Like any software, the messenger can contain vulnerabilities that allow access to confidential information. Installing a compromised application, for example from an untrusted source, can lead to a more serious attack. As a result, an attacker can gain complete control over the device and remain undetected.
It is necessary to understand that as soon as an attacker gains control over an account in a messenger, this does not lead to anything good. Even if the account does not have any valuable information, you can include it in a botnet and implement DoS attacks, send spam, distribute malicious links, etc. An attacker can launch an attack on the administration of the messenger using social engineering methods, for example, posing as a law enforcement officer, and as a result obtain the necessary information.
In the light of possible risks and threats, the question arises of how much one messenger is safer than another. That is why it is crucial to assess their functionality based on safety criteria.