Apple’s Alert System: How it detects state-sponsored threats on smartphones

Indian opposition leaders, along with several others, received notifications on Monday from Apple cautioning them about potential attempts by state-sponsored attackers to compromise their iPhones, reported HT.

Reportedly, these alerts come a year after a Supreme Court-appointed committee of experts found inconclusive evidence regarding the presence of Pegasus spyware in the 29 phones it analyzed.

How does Apple notification work?

The report indicates that emails and iMessages are sent to the user’s Apple ID-associated address and phone number. Additionally, upon signing into, the company presents a red “Threat Notification” banner at the top of the page. This banner includes the date of the notification sent via email and iMessage, serving as a means to verify the authenticity of the received message for the user.

How does Apple detect attacks?

Reportedly, the detection of these threats is accomplished through the utilization of threat intelligence signals received by the company. Apple consistently declines to disclose details regarding the methods of detection, citing concerns that sharing such information could potentially assist state-sponsored attackers in adapting their tactics to avoid future detection.

Are there fake threat notifications?

Several spyware companies depend on users clicking on malicious links distributed through SMSes, emails, WhatsApp messages, and similar means to compromise devices. Apple explicitly ensures that its threat notifications do not contain any clickable links. It refrains from requesting users to install apps or profiles, or share verification codes via email or phone. When referring to URLs for additional information, Apple intentionally spaces out the links, prompting users to manually type them instead of clicking directly, thus mitigating the risk of inadvertently accessing malicious links.

Who all could be targeted?

The report from HT added thatApple acknowledges that the majority of individuals will not be the focus of attention from state actors, as these attacks demand significant resources in terms of finances, physical infrastructure, and personnel. Therefore, those capable of carrying out such attacks are typically supported by nation-states. Potential targets could include politicians, human rights activists, journalists, or outspoken and influential critics of a government.

“Exciting news! Mint is now on WhatsApp Channels 🚀 Subscribe today by clicking the link and stay updated with the latest financial insights!” Click here!

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.


Updated: 01 Nov 2023, 12:19 PM IST

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *