As the Trump administration faces scrutiny for using Signal to discuss military operations, interest in the app has risen. Reuters
As the Trump administration faces scrutiny for using Signal to discuss military operations, interest in the app has risen. Reuters
As the Trump administration faces scrutiny for using Signal to discuss military operations, interest in the app has risen. Reuters
As the Trump administration faces scrutiny for using Signal to discuss military operations, interest in the app has risen. Reuters

Future

Technology

Signal warns of misinformation after Houthi attack plan revealed

Cyber security experts sort fact from fiction amid focus on popular messaging app

Cody Combs
Cody Combs
Washington

March 27, 2025

  • English
  • Arabic

Signal, the messaging app that helped popularise encrypted communications, is under the microscope after senior officials from President Donald Trump's administration inadvertently disclosed military plans to attack the Houthis in Yemen.

The California-based company this week said it has been the subject of misinformation after a journalist was added to a Signal chat with Vice President JD Vance and other Cabinet members, and voiced concerns the scandal could drive people away from the platform.

“One piece of misinfo we need to address is the claim that there are ‘vulnerabilities’ in Signal,” the messaging platform posted on X. “Signal remains the gold standard for private, secure communications.”

Signal said the supposed vulnerability had nothing to do with the app's core tech, but instead was based on a Pentagon memo alerting personnel to potential phishing attacks on the platform.

“Phishing isn’t new, and it’s not a flaw in our encryption or any of Signal’s underlying technology,” the Signal post stated.

As the fallout continues and scrutiny increases for the Trump administration's use of Signal to discuss military plans, the popular messaging app is looking to address what it describes as misinformation. Photo: Signal
As the fallout continues and scrutiny increases for the Trump administration's use of Signal to discuss military plans, the popular messaging app is looking to address what it describes as misinformation. Photo: Signal

Rather than there being an obvious issue with Signal's encryption, the attack plan scandal stems from user error after National Security Advisor Mike Waltz, or someone using his account, added Jeffrey Goldberg, editor-in-chief of The Atlantic, to the group.

Amid the finger pointing, a debate is growing on whether the Signal Messenger app should even be used by government officials in the first place.

Like its rivals, Signal boasts “state of the art, end-to-end encryption”, but experts say such security features matter little if the app's users are careless.

“Often the Defence Department will urge against using these apps for secure communication because humans will be humans and they can't be trusted to use it correctly,” Robert Graham, chief executive of Atlanta-based cyber security company Errata Security, told The National. “That was verified by this whole story – a journalist was accidentally added to the group.”

Signal chat leaks: Messages appear to show Hegseth reveal Houthi plans

US Defence Secretary Pete Hegseth shared a detailed timeline on Signal about how Central Command would attack the Houthi rebels in Yemen. All photos: The Atlantic
US Defence Secretary Pete Hegseth shared a detailed timeline on Signal about how Central Command would attack the Houthi rebels in Yemen. All photos: The Atlantic

The Trump administration says members of the former president Joe Biden's team also used Signal, though sceptics said it was rarely, if ever, deployed to discuss military plans.

Regardless, in 2024 the US Cybersecurity & Infrastructure Security Agency (CISA) issued a “best practices” guide which mentioned that end-to-end encrypted messaging apps like Signal would be preferred for secure communication. But that same guidance also points out that “no single solution eliminates all risks”.

In recent congressional hearings this week, lawmakers noted that military planning, such as a strike on Yemen, should have never take place on a messaging app.

The Signal controversy spilled onto the Senate Intelligence Committee hearing attended by General Timothy Haugh, Kash Patel, Tulsi Gabbard, John Ratcliffe, and General Jeffrey Kruse. Bloomberg
The Signal controversy spilled onto the Senate Intelligence Committee hearing attended by General Timothy Haugh, Kash Patel, Tulsi Gabbard, John Ratcliffe, and General Jeffrey Kruse. Bloomberg

Just days before details of the Signal chat were published, the Pentagon had warned various staffers against using apps like Signal, due to the potential for it to be a “high value target” for professional Russian hacking groups. That warning also pointed out that the devices installed with apps like Signal could be infected with malware that renders encryption meaningless.

“The problem with Signal, is that yes, it's end-to-end encrypted, but one of those ends, the devices, might not be secure, and that's a problem,” Mr Graham said, echoing the Pentagon's warning about using messaging apps for highly sensitive conversations.

He also said that phishing attempts from nefarious actors could also nullify security features, especially when users try to use the apps on their phones and computers simultaneously, often requiring a code to synch the content.

“So the phishing attacks are sent out using these bar codes, trying to get people to unknowingly link the hackers laptop with the user's phone, so they would go see the messages.

A Signal security mishap led to a journalist gaining insight into US military operations. Getty Images. (AP Photo / Kiichiro Sato)
A Signal security mishap led to a journalist gaining insight into US military operations. Getty Images. (AP Photo / Kiichiro Sato)

Signal said that in order to help protect people from falling victim to sophisticated phishing attacks, it had introduced new in-app warnings. The company also said it routinely conducts security audits and addresses any potential flaws “with quickness.”

Ultimately, Mr Graham said, Signal is one of the more secure messaging apps out there, which is why so many government officials in various countries use it. But it should have been a no-brainer to avoid using it to discuss military plans.

“That's what SCIFs are for,” he said, using the abbreviation for sensitive compartmented information facilities. “They put SCIFs in offices, homes, they have them in embassies, and they're not always convenient, but that's the whole point.”

“You have to get into the habit of 'We need to have a conversation, let's go to a SCIF'. There's a high principle here in that the area is secure and you don't need to worry about journalists because the endpoints are secure.”

Although US National Security Adviser Mike Waltz has accepted responsibility for the fallout from the use of Signal, he still hasn't disclosed how the journalist was added to the group chat.

Meanwhile, Signal founder Moxie Marlinspike is using the incident as a way to promote the platform with a hint of humour.

“There are so many great reasons to be on Signal. Now including the opportunity for the vice president of the United States of America to randomly add you to a group chat for co-ordination of sensitive military operations. Don’t sleep on this opportunity,” he posted on X.

THE CLOWN OF GAZA

Director: Abdulrahman Sabbah 

Starring: Alaa Meqdad

Rating: 4/5

Email sent to Uber team from chief executive Dara Khosrowshahi

From: Dara

To: Team@

Date: March 25, 2019 at 11:45pm PT

Subj: Accelerating in the Middle East

Five years ago, Uber launched in the Middle East. It was the start of an incredible journey, with millions of riders and drivers finding new ways to move and work in a dynamic region that’s become so important to Uber. Now Pakistan is one of our fastest-growing markets in the world, women are driving with Uber across Saudi Arabia, and we chose Cairo to launch our first Uber Bus product late last year.

Today we are taking the next step in this journey—well, it’s more like a leap, and a big one: in a few minutes, we’ll announce that we’ve agreed to acquire Careem. Importantly, we intend to operate Careem independently, under the leadership of co-founder and current CEO Mudassir Sheikha. I’ve gotten to know both co-founders, Mudassir and Magnus Olsson, and what they have built is truly extraordinary. They are first-class entrepreneurs who share our platform vision and, like us, have launched a wide range of products—from digital payments to food delivery—to serve consumers.

I expect many of you will ask how we arrived at this structure, meaning allowing Careem to maintain an independent brand and operate separately. After careful consideration, we decided that this framework has the advantage of letting us build new products and try new ideas across not one, but two, strong brands, with strong operators within each. Over time, by integrating parts of our networks, we can operate more efficiently, achieve even lower wait times, expand new products like high-capacity vehicles and payments, and quicken the already remarkable pace of innovation in the region.

This acquisition is subject to regulatory approval in various countries, which we don’t expect before Q1 2020. Until then, nothing changes. And since both companies will continue to largely operate separately after the acquisition, very little will change in either teams’ day-to-day operations post-close. Today’s news is a testament to the incredible business our team has worked so hard to build.

It’s a great day for the Middle East, for the region’s thriving tech sector, for Careem, and for Uber.

Uber on,

Dara

UAE currency: the story behind the money in your pockets
Updated: March 27, 2025, 10:52 PM
Technology