Everything one should know about Apple’s new spyware notification

a cool image

On November 23, Apple announced that it had filed a law suit against the NSO group, the makers of the Pegasus spyware. Pegasus was a tool for state-sponsored surveillance campaigns in several countries. NSO Group used gaps in the security of Apple and other devices to target and steal information from targeted users. Apart from political leaders, such users included journalists, activists, students, academics, officials and even family members of these people. Apple has come up with a new notification to monitor similar attacks in future.  

What would Apple’s new spyware notification say? 
Apple said the new alert is aimed at users who might be state-sponsored spying app targets. Notifications will be sent via email and iMessage to the email and phone numbers associated with the users' Apple IDs. A big Threat Notification banner will show up at the top of the page when affected users log into their accounts, so that they can’t miss it. The will also get to know how to protect their device / account.   

What would Apple’s spyware notice exclude?  
Even alerts can be faked! Apple pointed out that it never asks users to click links or install apps in spyware notifications. Apple also admitted that it might be over-cautious and raise false alarm, but then the company is still studying spyware to understand how they work. The policy here is ‘better safe than sorry’, so anyone who receives an alert ought to be careful.  

Is there anything else Apple users can do to protect against spyware?  
Whether they get a notification or not, Apple asked all users to follow these steps to protect against spyware:  

  • Latest software updates should be allowed, as the security fixes would be included in them 
  • Devices should be locked with a passcode 
  • Users should adopt two-factor authentication and a strong password ‌ 
  • Users should install apps from the App Store  
  • Links and attachments from unknown senders should not be clicked on  

Moreover, Apple has put up a list of emergency resources at the Consumer Reports Security Planner website for users who feel they might have been hacked / spied / compromised in any way, but have not got an alert.  

Topics

  • Apple
  • Cybersecurity
  • Hacking
  • spyware