The tech giant also announced a $10 million contribution to support cyber-surveillance researchers and advocates. Apple has launched a new feature that informs and assists users who may have been targeted by state-sponsored attackers.
In the light of the recent Pegasus scandal, Apple is making an effort to battle the surveillance and monitoring of its device owners by introducing a system that will alert users when they are believed to be targets of such attacks. As part of Apple’s initiative to battle state-sponsored spyware, the tech giant has recently filed suit against Israel’s NSO Group, which is responsible for the Pegasus spyware software used in global state-sponsored surveillance schemes.
“Apple threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers,” said Apple releasing information about its new system.
As the tech giant explained, “these users are individually targeted because of who they are or what they do. Unlike traditional cyber criminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent. State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks”.
Once suspicious activity is detected, the targeted users are notified in two ways. A Threat Notification is displayed at the top of the page after the user signs into appleid.apple.com, and Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.
These notifications provide additional steps that notified users can take to protect their devices.
“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future” Apple noted.
The firm also said that it alerts users who may have been targeted by FORCEDENTRY, which exploited a now-fixed vulnerability and allowed the Pegasus spyware to be installed on their devices.
“Apple is notifying the small number of users that it discovered may have been targeted by FORCEDENTRY. Any time Apple discovers activity consistent with a state-sponsored spyware attack, Apple will notify the affected users in accordance with industry best practices,” Apple said.
Apple supports surveillance research
Apart from its new system to notify users, it has also announced its efforts to support cybersecurity research. The tech giant will be contributing $10 million, as well as any damages from the lawsuit to organizations pursuing cyber-surveillance research and advocacy. Also, it will support researchers at the Citizen Lab with pro-bono technical, threat intelligence, and engineering assistance to aid their independent research mission.
“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression while enriching themselves and their investors,” said Ron Deibert, director of the Citizen Lab at the University of Toronto. “I applaud Apple for holding them accountable for their abuses and hope in doing so Apple will help to bring justice to all who have been victimized by NSO Group’s reckless behavior.”