A Blog by Jonathan Low

 

Dec 1, 2021

Apple Will Notify Users Whose iPhones Were Hacked By Spyware

This is related to Apple's lawsuit against the Israeli cyber-spying company, NSO, which has sold its software to numerous authoritarian regimes to hack the phones of their citizens. 

The Apple alerts will go primarily to people targeted by state-sponsored spying. JL 

Tim Fitzsimmons reports in NBC:

Apple will notify users whose iPhones and devices have been compromised by state-sponsored hacking. The tech giant published plans to inform the hacking victims after it sued the Israeli NSO Group, claiming it broke U.S. law by selling spyware to hack into iPhones. "Unlike cybercriminals, state-sponsored attackers target a small number of individuals and their devices, which makes these attacks harder to detect and prevent." “We are learning of numerous individuals, neither terrorists or criminals, but journalists, students, members of legitimate political opposition whose phones were hacked by governments using Pegasus."

Apple says it will notify users whose iPhones and devices have been compromised by state-sponsored hacking efforts, according to a support document.

The tech giant published its plans to inform the hacking victims last week after Apple sued the Israeli company NSO Group, claiming it broke U.S. law by selling spyware to hack into iPhones.

When Apple detects that a user has been targeted by state-sponsored hacking, it will send an iMessage and an email to the addresses on file, and a Threat Notification will be displayed when the user signs into Apple ID, Apple said.

"These users are individually targeted because of who they are or what they do," Apple said in the support document. "Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent.

"State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life," Apple said. "The vast majority of users will never be targeted by such attacks."

Apple did not respond to requests for comment.

Apple made the announcement as it filed the lawsuit against NSO Group, which has long insisted that it leases its technology only to legitimate governments to track criminals and enforce laws and interests.

“Apple’s notification of victims of espionage is beginning to reveal what a real horror show NSO Group’s services have facilitated,” Ron Deibert of the University of Toronto’s Citizen Lab said in an email.

“We are now learning of numerous individuals who are neither terrorists or criminals, but journalists, students, members of legitimate political opposition and other members of civil society worldwide whose phones were hacked by governments using Pegasus," he wrote.

“This abuse is no surprise given that there are no international controls over spyware companies like NSO Group,” he wrote. “The company’s executives really are, as Apple rightly pointed out in their legal complaint, ‘amoral 21st century mercenaries.’”

NBC News reported in 2017 that Pegasus was used to target prominent journalists, lawyers, anti-corruption activists and government officials, according to research published by the Citizen Lab.

The Saudi government and its close ally the United Arab Emirates are suspected of having targeted three women who spoke out against it: a Lebanese broadcaster, a Saudi equestrian and an Emirati human rights activist, NBC News reported in August.

The Biden administration limited NSO Group's access to U.S. components and technology this month by requiring permission for exports.

0 comments:

Post a Comment