June 19, 2024
By Cybervergent Team

AN APPLE ALERT A DAY KEEPS THE MERCENARIES AT BAY

You know the saying “An apple a day keeps the doctor away”? Apple is taking it to heart as it begins alerting users who have been individually targeted by the Bad Guys.

On Wednesday, Apple updated its documentation regarding its spyware threat notification system to include alerts for individual targeting. The company specifically mentioned NSO Group and their development of commercial surveillance tools like Pegasus, which are used by state actors for highly complex and costly individual attacks.

Apple stated that these mercenary spyware attacks, although targeting a small number of individuals such as journalists, activists, politicians, and diplomats, are ongoing and have a global impact. The company emphasized the extreme cost, sophistication, and worldwide reach of these attacks, labelling them as some of the most advanced digital threats today.

This update represents a change from the previous wording, which focused on informing and assisting users targeted by state-sponsored attackers.

TechCrunch reported that Apple sent threat notifications to iPhone users in 92 countries, which coincided with the update to the support page.

It's important to highlight that Apple started sending threat notifications in November 2021 to alert users believed to have been targeted by state-sponsored attackers.

Users in over 150 countries received a warning from Apple about the possibility of their devices being targeted by sophisticated and well-funded attacks that have been growing and developing. For devices that were impacted, a "Threat Notification" popped up at the top of an Apple webpage after logging in with their Apple ID on appleid.apple.com. Furthermore, Apple also sent emails and iMessage notifications to the user's phone and linked email address. However, the company explicitly states that it does not attribute the attacks or resulting threat notifications to any specific threat actor or geographical region.

This development occurs as governments worldwide continue their efforts to combat the misuse and spread of commercial spyware.

Last month, it was disclosed that countries like Finland, Germany, Ireland, Japan, Poland, and South Korea had joined an initial group of 11 countries collaborating to establish protections against the misuse of invasive surveillance technology.

"Authoritarian regimes and democracies around the world have misused commercial spyware without the necessary legal authorization, safeguards, or oversight," stated the governments in a joint statement. They went further to reiterate that the misuse of these tools presents significant and growing risks to national security, including the safety and security of government personnel, information, and information systems.

In a recent report by Google's Threat Analysis Group (TAG) and Mandiant, it was revealed that commercial surveillance vendors exploited a significant portion of the 97 zero-day vulnerabilities discovered in 2023. These vulnerabilities targeted web browsers and mobile devices, particularly exploiting flaws in third-party libraries affecting multiple browsers and devices running Android and iOS. Google also noted a notable increase in exploitation by private sector firms in recent years, with threat actors increasingly using zero-days for evasion and persistence.

They also mentioned that increased security investments are impacting the types of vulnerabilities that threat actors can exploit, leading them to bypass security measures to infiltrate target devices.

Sounds scary, right??? Yes, it does, because according to a global analysis done in Q1 2024, Apple boasts over 900 million iOS users.


MITIGATIONS

· Enable two-factor authentication, update devices to the latest software, download apps only from the App Store, use strong and unique passwords, and avoid clicking on suspicious links or attachments.

· Turn on Lockdown Mode for added protection against spyware, significantly reducing the attack surface.

· Update messaging and cloud apps to the latest available versions.

· Update all other Apple devices (Mac, iPad) you use and enable Lockdown Mode on those too.

· Check for unauthorized account activity, which is one of the strongholds of our SOC, where your environment will be monitored 24/7 by our proactive professionals, putting you and your organization in a continuous cyber-safe stance.