abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb
Article

19 Jul 2021

Author:
Stephanie Kirchgaessner and Alex Hern, The Guardian

How does Apple technology hold up against NSO spyware?

It is one of the technological battles of the 21st century – in which every mobile phone user has a stake. In one corner, Apple, which has more than a billion active iPhones being used across the world. In the other, companies such as Israel’s NSO Group, developing spyware designed to defeat the most sophisticated security and privacy measures.

And while Apple says it is keeping pace with surveillance tools that are used to attack its phones – it boasts of creating “the most secure consumer platform in the world” – research undertaken as part of the Pegasus project paints a more worrying picture... suggest[ing] that even the most up-to-date iPhones running the latest operating system have still been penetrated by NSO Group’s Pegasus spyware.

... The disclosure points to a problem security researchers have been warning about for years: that despite its reputation for building what is seen by millions of customers as a secure product, some believe Apple’s closed culture and fear of negative press have harmed its ability to provide security for those targeted by governments and criminals.

... Another Citizen Lab researcher, John Scott-Railton, said it was important for companies such as Apple to defend against threats by “constantly tracking them” and anticipating what might come next. “If you don’t do that, you can’t really build a secure product, because as much as you talk about what potential threats exist against your platform, lots of clever people will find threats that you don’t know [about],” he said.

Even as Apple’s peers in the tech industry have begun to cry foul on advances by companies such as NSO, and have claimed they pose a grave threat to cybersecurity, Apple has largely stayed out of the fray. In a recent court submission filed in support of WhatsApp, the messaging app that is suing NSO Group in California, companies from Microsoft to Cisco created a coalition and filed a statement saying NSO made ordinary people less safe. Apple did not join the submission.

... In a statement, the iPhone maker said: “Apple unequivocally condemns cyber-attacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market.”

Apple also said that security was a dynamic field and that its BlastDoor was not the end of its efforts to secure iMessage.

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” it said. “While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

Timeline

Privacy information

This site uses cookies and other web storage technologies. You can set your privacy choices below. Changes will take effect immediately.

For more information on our use of web storage, please refer to our Data Usage and Cookies Policy

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

Analytics cookie

ON
OFF

When you access our website we use Google Analytics to collect information on your visit. Accepting this cookie will allow us to understand more details about your journey, and improve how we surface information. All analytics information is anonymous and we do not use it to identify you. Google provides a Google Analytics opt-out add on for all popular browsers.

Promotional cookies

ON
OFF

We share news and updates on business and human rights through third party platforms, including social media and search engines. These cookies help us to understand the performance of these promotions.

Your privacy choices for this site

This site uses cookies and other web storage technologies to enhance your experience beyond necessary core functionality.