Soon after Apple announced its plans to sue the NSO group, it published a support document outlining how it will warn users if they are thought to be under a spyware attack. The tech giant recently issued alert messages to at least six Thai activists and researchers who have criticized the government, saying it believed their iPhones had been targeted by “state-sponsored attacks”.
Apple outlines how it will warn users if they have been targeted by state-sponsored attacks
The document, titled “About Apple threat notifications and protecting against state-sponsored attacks” details how the company’s state-sponsored threat alert system works. As per the document, Apple threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers because “of who they are or what they do.”
Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent. State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks.
The tech giant says that it will notify users who may be a target by sending them emails and iMessages, while a message will also appear when they log into their Apple ID on the Apple website. Note that these threat notifications will never ask users to click any links, open files, install apps or profiles, or provide their Apple ID password or verification code by email or on the phone.
To begin with, the company warned six Thai activists and researchers about their device being affected by a state-sponsored attack via these threat notifications. As reported by Reuters, Prajak Kongkirati, a political scientist at Bangkok’s Thammasat University received two emails from Apple warning it believed his iPhone and iCloud accounts had been targeted, along with a “threat notification” on his Apple account.
Researcher Sarinee Achananuntakul and Thai activist Yingcheep Atchanont of Legal Monitoring group iLaw received similar emails, along with a rapper, a political activist, and a politician. The messages warned, “if your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.”
The Cupertino tech giant on Tuesday filed a lawsuit against Israeli cyber firm NSO Group and its parent company OSY Technologies. The company seeking a permanent injunction to ban the company from using Apple products, including its hardware and software. As we have covered before, Pegasus spyware has been used to leak private photos of female journalists, attack an NYT journalist, hack 37 iOS and Android smartphones belonging to journalists, monitor suspects, hack iPhones of nine activists, and more. Earlier this month, the U.S. government had declared NSO Group as a national security risk. However, it is not known if the 6 Thai individuals were targeted by Pegasus or by some other malicious software.