Far from shrinking, the scale of mercenary surveillance companies paid by governments to spy on journalists, human rights campaigners, and other members of the civil state is growing.
Today Apple warned iPhone users in an astonishing 92 nations that attacks against them have taken place. (The company sends out these notifications several times each year.) Without opposition, governments and other entities will not quit this unconstrained descent into becoming a surveillance society.
You are a surveillance target
According to TechCrunch, Apple wrote users: “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID. This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
The latest rash of warnings means Apple has now identified 150 nations in which such attacks have taken place. There are 196 nations on the planet.
“Since 2021, we have sent Apple threat notifications multiple times a year as we have detected these attacks, and to date we have notified users in over 150 countries in total,” Apple said.
Though it may not be aware of every attack, its security teams work around the clock to protect customers against what it has until recently described as “state sponsored mercenary surveillance.” Many of the firms engaged in selling snooping software are, like NSO Group, Israel-based.
What to do if you receive a warning
If you have received a threat notification, you should act immediately. Amnesty International’s Security Lab tells us that an Apple threat notification should be seen as a very strong indication that you are being attacked.
Amnesty’s own forensic tests with individual devices that have received such notifications confirm they should be taken seriously, and if you have received one, you should take immediate steps to remediate and secure your digital existence.
Apple advises that you secure expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the non-profit Access Now. Amnesty International and other Security Lab civil society partners are also equipped to provide support to individuals who received the Apple notifications.
Are these attacks proliferating?
Reuters also notes that Apple has changed how it describes the attacks. The company now tells people that they may have been victims of “mercenary spyware attack,” rather than framing the assault as being “state-sponsored” as it did before.
While this is described as a reaction to government reluctance to be linked with such attacks, it is also plausible to believe that it reflects continued growth in the surveillance business. As I’ve warned before, today’s expensive state-sponsored attacks become tomorrow’s $100 bargain deal on the dark web. These offensive technologies are utterly insidious and rot the center of democracy.
Apple also updated its Apple Support article concerning mercenary spyware and the threat notifications it has shared. “Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent,” the company said. “The vast majority of users will never be targeted by such attacks.”
Ivan Krstić, head of Apple security engineering and architecture, has previously promised to keep fighting back: “Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”
That said, a report today from Interpres Security seems to confirm the growing magnitude of these threats.
Security advice
In an increasingly challenging security environment, everyone online should protect themselves:
- Update devices with latest software.
- Use complex passcodes.
- Use two-factor authentication.
- Protect their Apple ID with a strong password.
- Install apps only from trusted sources, such as the App Store.
- Use strong and unique passwords.
- Never click on links or attachments from people you do not know.
Finally, if you think you may be a target, use Lockdown Mode.
Apple developed this mode in response to a wave of sophisticated attacks (Pegasus, Devils Tongue and Hermit). Lockdown Mode provides a great deal of protection at the cost of some utility; Apple is expected to continue to invest in securing its platforms, even against the designed in weaknesses it is being forced to adopt in reaction to some regulations, particularly in Europe and the UK.
Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
