What to do if you receive a warning
If you have received a threat notification, you should act immediately. Amnesty International’s Security Lab tells us that an Apple threat notification should be seen as a very strong indication that you are being attacked.
Amnesty’s own forensic tests with individual devices that have received such notifications confirm they should be taken seriously, and if you have received one, you should take immediate steps to remediate and secure your digital existence.
Apple advises that you secure expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the non-profit Access Now. Amnesty International and other Security Lab civil society partners are also equipped to provide support to individuals who received the Apple notifications.
Are these attacks proliferating?
Reuters also notes that Apple has changed how it describes the attacks. The company now tells people that they may have been victims of “mercenary spyware attack,” rather than framing the assault as being “state-sponsored” as it did before.
While this is described as a reaction to government reluctance to be linked with such attacks, it is also plausible to believe that it reflects continued growth in the surveillance business. As I’ve warned before, today’s expensive state-sponsored attacks become tomorrow’s $100 bargain deal on the dark web. These offensive technologies are utterly insidious and rot the center of democracy.
Apple also updated its Apple Support article concerning mercenary spyware and the threat notifications it has shared. “Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent,” the company said. “The vast majority of users will never be targeted by such attacks.”
