APPLE NEWS: Apple Sues NSO Group To Curb The Abuse Of State-Sponsored Spyware

dWeb.News Article from Daniel Webster dWeb.News

PRESS RELEASE November 23, 2021

Apple also announced a $10 million contribution to support cybersurveillance researchers and advocates

CUPERTINO, CALIFORNIA Apple today filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. This complaint provides additional information about how NSO Group infected victim’s devices with its Pegasus spyware. Apple seeks a permanent injunction that will prohibit NSO Group’s use of any Apple software, services or devices. This is to prevent further abuse and harm.

NSO Group uses state-sponsored surveillance technology to monitor its victims. These attacks target a small number of people and can be used on multiple platforms including Android and iOS. Journalists and researchers have documented the use of spyware to attack journalists, activists, dissidents and academics. 1

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. Craig Federighi is Apple’s senior vice-president of Software Engineering. Apple devices are the most secure on the market, but state-sponsored spyware has become more dangerous for private companies. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”

NSO Group’s FORCEDENTRY Exploit

Apple’s legal complaint provides new information on NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus. Citizen Lab, an academic research group at the University of Toronto, first identified the exploit.

The spyware was used to target a limited number of Apple users with malicious malware and spyware. Apple is suing NSO Group to stop them from further harming people by using Apple’s products or services. NSO Group’s flagrant violations against US federal and state laws, which arose from its attempts to attack and target Apple and its users, are also addressed in the lawsuit.

NSO Group uses the vast resources and capabilities of nations to carry out highly targeted cyberattacks that allow them access to sensitive data such as the microphone, camera, or other data on Android and Apple devices. In order to force Apple devices to release FORCEDENTRY, attackers created Apple IDs that allowed them to send malicious data directly to the victim’s device. This enabled NSO Group and its clients to install Pegasus spyware in a way that was not known to the victim. Although the attackers used Apple IDs to send FORCEDENTRY, Apple servers weren’t hacked or compromised.

Apple is committed to making mobile devices as secure and private as possible. It also invests heavily in security and privacy protections for its customers. For example, researchers have found that other mobile platforms have 15 times more malware infections than iPhone,2 and a recent study showed that less than 2 percent of mobile malware targets iOS devices. 3

iOS 15 includes a number of new security protections, including significant upgrades to the BlastDoor security mechanism. While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions. Apple encourages users to always update their iPhones and use the most recent software.

Apple is committed to protecting our users from cyberattacks of all kinds. We are sending a clear message with the steps we are taking today: It is not acceptable to use powerful state-sponsored spyware to harm those who want to make the world better,” stated Ivan Krstic (head of Apple Security Engineering and Architecture). “Our engineering and threat intelligence teams work tirelessly to identify new threats and patch vulnerabilities quickly. We also develop industry-leading protections for our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”

Apple’s Continuing Efforts to Protect Its Users

Apple commends groups like the Citizen Lab and Amnesty Tech for their groundbreaking work to identify cybersurveillance abuses and help protect victims. To further strengthen efforts like these, Apple will be contributing $10 million, as well as any damages from the lawsuit, to organizations pursuing cybersurveillance research and advocacy.

Apple also supports the Citizen Lab’s accomplished researchers with pro-bono threat intelligence and engineering assistance. This will allow them to support their independent research mission. Other organizations in this area will be offered the same assistance.

Mercenary spyware companies like NSO Group have enabled some of the worst human rights abuses in the world and acts of transnational oppression, while enriching themselves, their investors, and others,” Ron Deibert, Director of the Citizen Lab at University of Toronto, said. “I applaud Apple for holding them responsible for their abuses and hope that Apple will bring justice to all those who were victim to NSO Group’s reckless behavior.”

Apple notifies the few users it found may have been affected by FORCEDENTRY. Apple will notify affected users if it discovers activity that is consistent with a state sponsored spyware attack. This follows industry best practices.

Apple considers privacy a fundamental human rights and security is a constant concern for all employees. Apple has been a leader in the industry for years with innovative protections that can disrupt sophisticated attacks and protect its users. These include features like BlastDoor, pointer authentication codes (PAC), and Page Protection Layer (PPL). For more information about Apple’s platform security, visit support.apple.com/guide/security/welcome/web.

Citizen Lab, “NSO Group iMessage Zero-Click Exploit Captured in the Wild,” Sept. 13, 2021.
Nokia, “Threat Intelligence Report 2020,” 2020.
PurpleSec, “2021 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends,” 2021.

For more dWeb.News Digital Technology News https://dweb.news/news-sections/technology-news/

The post APPLE NEWS: Apple Sues NSO Group To Curb The Abuse Of State-Sponsored Spyware appeared first on dWeb.News dWeb.News from Daniel Webster Publisher dWeb.News – dWeb Local Tech News and Business News

Read More

Section C Consumer Products Retail News – dWeb.News

More Consumer Products Retail News at https://dweb.news/category/dweb-news/section-c-consumer-products-retail-news/

Similar Posts