Apple says Pegasus-type breaches highly sophisticated; analysts say incident raises questions on iOS | #ios | #apple | #iossecurity


Apple has conceded that its iPhones are vulnerable to the Pegasus-type breaches, calling them “highly sophisticated” which cost millions of dollars to develop and are used to target specific individuals. In a statement, Ivan Krstić, head of Apple Security Engineering and Architecture, however, said that such breaches are not a threat to a majority of its users and that the US major is adding new protections for its devices and to safeguard the data on them.

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market,” Krstić said in a statement.

Apple’s comments follow recent reports that claimed that journalists of over 16 media outlets including Indian and international publications along with human rights activists, lawyers and politicians all over the world have been snooped on by “authoritarian governments” using hacking software supplied by the Israeli’s NSO Group, according to findings by an investigation.

The investigation was conducted by the Guardian and 16 other media outlets. The Guardian report specifically uses the term “authoritarian governments” as being behind the snooping.

The findings hint at widespread and continuing abuse of NSO’s hacking spyware Pegasus. Pegasus infects Android devices and iPhones, giving operators access to messages, photos and emails. It can also record calls and secretly activate microphones, reports say.

According to the forensic methodology report by Amnesty, Apple’s iPhone is the easiest to snoop on using the Pegasus software. The leaked database shows that iPhones running iOS 14.6 contain a zero-click iMessage exploit and this exploit could have been used to install Pegasus software on the iPhone devices of the targeted entities.

“For Privacy, there are two views, one is consumer’s view of Apple privacy and other is privacy from Apple’s lens and necessary steps it takes to strengthen the same…Apple has done a great job on the first one positioning its ecosystem secure in front of consumers. This Pegasus incident falls under later one where Apple will look into and take necessary steps but for consumers, this incident is likely to have a negligible impact on how they think about privacy within iOS ecosystem,” said Tarun Pathak, Research Director at Counterpoint.

Prabhu Ram, head-industry intelligence group at market intelligence firm CyberMedia Research (CMR) said that the nature of cyber threats continue to evolve and ensuring security and privacy is an always-on process. “Over the past few years, Apple has prioritized security and privacy as key business differentiators of the iPhone and I believe Apple will continue to invest in that direction.”

Navkendar Singh, research director at IDC said that the latest hacking incident using Pegasus doesn’t do any good and goes against Apple’s global campaign around privacy as a differentiator. “In India, they are still growing and there will not be any impact on their market performance as regular customers don’t look at privacy rather brand appeal and other features. But, this incident raises questions on iOS.”

Meanwhile, the Indian government has issued its first response to the breaking news, saying “No unauthorised interception by government agencies”. IT and Communications Minister Ashwini Vaishnaw on Monday said that with several checks and balances being in place, “any sort of illegal surveillance” by unauthorised persons is not possible in India.



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

fifty seven + = sixty two