After the Pegasus attack, Apple says it will notify users of iPhones and other Apple gadgets which are under spyware attack.
Apparently, Apple is trying all they can to introduce new security features in all their operating systems that can warn users about the presence of any spyware on their systems.
In this article, we will discuss the news and try to figure out how Apple is going to achieve its feat.
So, without further ado. Let us begin...
The News: What's Happening in Apple's Security Tech
According to a support document, Apple will notify users whose iPhones and other gadgets have been hacked by state-sponsored hackers.
The tech giant announced its plans to notify hacking victims on the last day of the week after Apple filed a suit against the Israeli NSO Group, a company from Israel. NSO Group, claiming it had violated U.S. law by selling and promoting spyware to hack and gather information from iPhones.
Suppose Apple discovers that a user was victimized by state-sponsored hacking and is notified. In that case, it sends an iMessage as well as an email message to all addresses listed on the file. A threat notification will appear once the user logs in to their Apple ID, Apple says.
"These users are targeted by their identity or the activities they engage in," Apple says in the document of support. "Unlike traditional cybercriminals, state-sponsored hackers use extraordinary tools to target a tiny number of individuals as well as their gadgets, making the attacks more difficult to spot and stop.
"State-sponsored attacks are extremely complicated, require hundreds of millions to design, and have a limited shelf-life," Apple says. Therefore, the majority of people (commoners, not working for agencies, news channels, etc) will not be targeted by these attacks.
Apple has announced the filing of a lawsuit against NSO Group, which has repeatedly stated that it leases its technology to legitimate governments in order to monitor criminals, enforce the law, and protect their interests.
NBC News reported in 2017 that Pegasus was employed to be used to target prominent lawyers, prominent journalists, anti-corruption activists, prominent journalists, as well as government officials following research conducted by the Citizen Lab.
The Saudi government, as well as its close ally, the United Arab Emirates, are suspected of targeting three women who had spoken out against it. NBC News reported in August that they include a Lebanese broadcaster and a Saudi horse rider, along with an Emirati human rights advocate. In addition, the Biden administration has imposed restrictions on NSO Group's access to U.S. components and technology this month, citing the requirement for permission to export.
In the spring of this year, an investigation conducted byAmnesty International and the Citizen Lab found it was the case that Pegasus spyware could hack into the iPhones as well as Android phones of a variety of activists, journalists, and government critics all over the world.
The Pegasus demonstrated how iPhones specifically were affected by the spyware, and it was discovered that iMessage was the most susceptible. Apple later issued updates to its software that fixed a number of issues.
Concerning Apple's threat notification, the support page states it's "designed to help and inform those who are targeted by state-sponsored hackers."
State-sponsored attackers differ from ordinary cybercriminals. In this case, an enemy state or, more frequently, the nation-state that is the victim is thought to target the victim because they are perceived to be threats. Apple has stated that users are targeted individually (commoners, casual users need not be worried) by their identity or their actions.
Most importantly, these state-sponsored attackers employ extraordinary tools and target a very specific and limited number of people or their equipment. Hence, making these attacks even more difficult to identify and avoid → adding the source.
For Pegasus, the licenses have been estimated to cost somewhere around 100,000 dollars, but that's not something that could be used by regular cyber-criminals, of course. Pegasus can also be made to function as a computer weapon and is only available to government officials.
In two ways, Apple may send you threat notifications
1. A Threat Notification will be displayed on the upper right-hand corner of the screen when the user has signed into the appleid.apple.com website.
2. Apple sends out an email and iMessage message to the telephone numbers and email addresses connected to a user's Apple ID.
Apple claims that its "threat messages will never require users to click on any link or open files, download apps or accounts, nor give the Apple ID username or code for verification via telephone or email."
However, suppose you receive any notification which claims to come from Apple and asks users to click the link or download an application.
In that case, it's recommended to stay clear of it. This could be an attempt at phishing of some kind.
To confirm that the Apple threat notification is authentic, users must log in to appleid.apple.com. In the event that Apple has sent out the threat message, it will be displayed on the very top once you have signed to the site.
Apple has also provided fundamental suggestions to be aware of to ensure that your account and device are safe from cyber criminals of all kinds. These include:
- Update devices to the most recent software since it contains the most recent security fixes for any vulnerability exploited by attackers.
- It is also recommended to secure devices by using passcodes.
- Two-factor authentication and a strong password to secure Apple ID are also recommended.
- Apple also says that users should install applications from the App Store.
- Additionally, you should avoid clicking on attachments or links that come from unknown senders.
Apple is also advising those who believe that they may have been attacked by state-sponsored criminals or require urgent cybersecurity assistance due to other reasons.
It's not long before an updated security feature will come in all the Apple Operating Systems.
