Be Tech Ready!!

Apple cautions opposition leaders against cyber threats: Who are these “state-sponsored attackers”?

According to a report by The Wire, several opposition members and a couple of reporters have said that Apple gave them a heads-up about some “state-sponsored attackers who are remotely trying to compromise” their iPhones. The Cupertino-based technology giant sent messages to potential targets, saying, “If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.”

These are the folks Apple told about the iPhone hacking attempts: Mahua Moitra (Trinamool Congress MP), Priyanka Chaturvedi (Shiv Sena UBT MP), Raghav Chadha (AAP MP), Shashi Tharoor (Congress MP), Asaduddin Owaisi (AIMIM MP), Sitaram Yechury (CPI(M) general secretary and former MP), Pawan Khera (Congress spokesperson), Akhilesh Yadav (Samajwadi Party president), and Siddharth Varadarajan (founding editor, The Wire). 

Other potential targets include Sriram Karri (resident editor, Deccan Chronicle), Samir Saran (president, Observer Research Foundation), Revathi (independent journalist), K.C. Venugopal (Congress MP), Supriya Shrinate (Congress spokesperson), Revanth Reddy (Congress MP), T.S. Singhdeo (Chhattisgarh deputy CM and Congress leader), Ravi Nair (journalist, OCCRP), K.T. Rama Rao (Telangana minister and BRS leader), and Anand Mangnale (regional editor, South Asia, OCCRP).

Apple issues a warning for potential targets

In the email titled “ALERT: State-sponsored attackers may be targeting your iPhone,” Apple warned these cyber criminals might be after their personal data because of their identity or their work. If these hackers manage to get into their devices, they could get hold of their private information, messages, or even control the cameras and mic remotely.

The wording of Apple’s warning is just like what they’ve used before to warn folks about spyware globally. However, the fact that five people in India got the same alert at the same time (11:45 p.m. on October 30, 2023) hints that the targets are part of a specific group in India. Apple said in a statement: “Apple does not attribute the threat notifications to any specific state-sponsored attacker.”

The company started sending these threat alerts in 2021, and apparently, they’ve been sending them to folks in about 150 countries ever since.

Also Read: The battle against misinformation: Technology’s limitations revealed

Who is Apple calling “state-sponsored attackers”?

After the accusations, Apple mentioned in a statement on Tuesday that they don’t link the threat alerts to any particular government-backed attacker.

Apple emphasized that state-sponsored attackers are well-resourced and sophisticated, with their methods evolving constantly. They added that identifying these attacks depends on sometimes incomplete threat intelligence signals, implying that some Apple threat notifications could be false alarms or that certain attacks might go undetected.

Apple said in a note:

“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected.”

Government-backed attackers target certain individuals and their devices, depending on who they are or what they do. These attacks differ significantly from the typical cybercrimes executed by regular hackers, who usually aim for a large number of users to make money.

As per Apple, attacks sponsored by governments are usually brief and meant to dodge detection, taking advantage of weaknesses that might not be common knowledge.

Is Apple’s “Threat Notification” serious or just a warning?

Apple sends out threat notifications to alert and assist users who might have been targeted by government-backed hackers. In response to these attacks, the company has created a system that can identify activities that fit specific patterns.

If an attack is found, an “Alert” is sent through email and iMessage to the email addresses and phone numbers connected to the affected user’s Apple ID. The notification that certain politicians and others received was probably activated by this system.

Apple previously stated:

“We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future.”

Also Read: How research of attoseconds helped these physicists win Nobel Prize

Does Apple have a solution for such attacks?

The notifications come with suggestions on additional measures users can take to secure their devices and protect their privacy. Some of the basic security tips that Apple suggests include installing the latest software updates, setting a passcode, turning on two-factor authentication, and using a strong password for the Apple ID.

They also suggest that users stick to downloading apps solely from the App Store, use unique passwords for each online account, and refrain from clicking on links or attachments from unfamiliar sources.

Apple also advises users to turn on Lockdown Mode, a feature added in its recent software updates to provide protection against uncommon and advanced cyber attacks like these.

When you switch on Lockdown Mode, your device goes into a highly secure state where several regular functions are limited or turned off. For instance, you won’t be able to send or receive attachments, links, or link previews in messages, which helps prevent attackers from getting hold of your personal data.

Lockdown Mode is accessible solely on devices operating on iOS 16 or later, iPadOS 16 or later, watchOS 10 or later, and macOS Ventura or later. Apple notes that these attacks are infrequent and aimed at particular individuals, but if you sense that your device or data are at risk, you can switch on Lockdown Mode by navigating to Settings, then Privacy & Security, and finally Lockdown Mode, and toggling it on.

If you get a threat notification from Apple, it’s essential to take it seriously and follow the steps they suggest to protect your device and account.

A history of accusations against the government

Many Indian opposition leaders previously alleged that Mr. Modi’s government was spying on them. Back in 2019, WhatsApp claimed in a lawsuit that Pegasus, surveillance software created by Israeli company NSO Group, was used to target Indian journalists and activists. NSO has stated that it collaborates exclusively with government agencies.

In 2021, The Wire reported that over 300 numbers from a leaked database containing thousands of phone numbers, which were reportedly listed by NSO’s government clients, were linked to Indians.

Just last year, a political uproar ensued following a New York Times report stating that India had obtained Pegasus from Israel as a part of a defense agreement in 2017. PM Narendra Modi’s government has refuted claims of buying the spyware, which can infiltrate smartphones without users’ awareness and access nearly all their data.

Vishal Kawadkar
About author

With over 8 years of experience in tech journalism, Vishal is someone with an innate passion for exploring and delivering fresh takes. Embracing curiosity and innovation, he strives to provide an informed and unique outlook on the ever-evolving world of technology.