Skip to main content

BlackBerry services more vulnerable than you think, says Public Safety Canada

Public Safety Canada, the federal agency tasked with overseeing cyber security in Canada's government establishments, issued a memo last month that warned government employees about possible vulnerabilities in BlackBerry's PIN-to-PIN messaging service.

Public Safety Canada highlighted the PIN-to-PIN messaging system as the most vulnerable communication method used by BlackBerry users, and asked government employees not to use it to send sensitive information.

"Although PIN-to-PIN messages are encrypted, they key used is a global cryptographic 'key' that is common to every BlackBerry device all over the world," the memo read.

"Any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device," it added.

Public Safety Canada also claimed that the vulnerability leaves users at greater risk when they use PIN-to-PIN messaging to communicate outside security filters and government firewalls because of the potential threat of malware attached to an incoming PIN Message.

BlackBerry is the preferred mobile platform of nearly two-third of Canada's federal government mobile users, while the remaining one-third use either Google's Android or Apple's iOS platforms.

In a statement, BlackBerry responded to Public Safety Canada's warnings by writing "BlackBerry communications remain the most secure, preferred mobile communications used by governments worldwide. In fact, BlackBerry uniquely offers scalable, customizable security options for businesses and governments which allow them to apply their desired level of security."