Apple’s state-sponsored attackers alert

What’s in today’s article?

• Why in news?
• News Summary: Apple’s state-sponsored attackers alert
• Who are these state-sponsored attackers that Apple refers to?
• What are apple threat notifications?
• What does Apple advise users should do when an attack is detected?
• What exactly is the Lockdown Mode?
• Response of the government

Why in news?

• At least seven Opposition Members of Parliament said that they received a warning from Apple that state-sponsored attackers may be targeting their iPhones.
• The warning says the attackers are likely targeting these individuals because of who they are or what they do.
• It advises them on how to protect themselves, including activating the ‘Lockdown Mode’ feature on their iPhones.

News Summary: Apple’s state-sponsored attackers alert

Who are these state-sponsored attackers that Apple refers to?

• Following the allegations, Apple said in a statement that it does not attribute the threat notifications to any specific state-sponsored attacker.
• As per Apple:
  • State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. 
  • Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. 
  • It is possible that some Apple threat notifications may be false alarms, or that some attacks are not detected.
• Attackers backed by governments go after specific individuals and their devices, based on their identity or activities.
  • Such attacks are very different from the ones carried out by regular cybercriminals, who usually target a large number of users for financial gain.
• According to Apple, state-sponsored attacks are often short-lived, and are designed to evade detection and exploit vulnerabilities that may not be known to the public.

What are apple threat notifications?

• Apple’s threat notifications are a way of alerting and helping users who may have been targeted by state-sponsored attackers.
• As a response to these attacks, the company has developed a system that can spot activity that matches certain patterns. 
• When an attack is detected, a Threat Notification is sent by email and iMessage to the email addresses and phone numbers that are linked to the affected user’s Apple ID.
  • The notification that some politicians and others received was likely triggered by this system.

What does Apple advise users should do when an attack is detected?

• Some of the general security tips that Apple recommends are updating to the latest software versions, setting a passcode, enabling two-factor authentication, and using a strong password for the Apple ID.
• It also recommends that users should download apps only from the App Store, use a different password for each online account, and avoid clicking on links or attachments from unknown sources.
• Apple also suggests that users activate the Lockdown Mode.

What exactly is the Lockdown Mode?

• The Lockdown Mode is a feature introduced in its latest software updates to specifically protect against rare and sophisticated cyber-attacks such as these.
• When one activates Lockdown Mode, his/her device will enter into a state of high security, where many usual functions will be restricted or disabled.
  • E.g., He/she will not be able to send or receive attachments, links, or link previews in messages.
• Anyone who receives a threat notification from Apple should take it seriously and follow the steps that Apple recommends to secure their device and account.

Response of the government

• The Government has launched an investigation into the alerts.
• Minister of Electronics and Information Technology Ashwini Vaishnaw downplayed the alerts by citing Apple’s claim that these alerts have been sent to people in 150 countries.

Q1) What is an Apple ID?

An Apple ID is an account that you use to access Apple devices and services. It includes your email address or phone number, a password, and your data and settings.

Q2) What is iMessage?

iMessage is an instant messaging service that Apple developed in 2011. It's available on Apple devices like the iPhone, iPad, Apple Watch, and Mac laptop.

Source: What is Apple’s ‘state-sponsored attackers’ alert, received by multiple Opposition leaders? | The Hindu