Apple has confirmed that it will send threat alerts to customers who may have been targeted by the NSO Group’s controversial Pegasus spyware.
Cupertino on Tuesday announced that it is suing NSO Group over the tools it develops and sells to governments to spy on iPhone owners. Its alerts are another effort to prevent software like Pegasus from going unnoticed.
Pegasus targets will get security alerts from Apple
Pegasus has been used by governments to surveil journalists, activists, dissidents, academics, and government officials. Once the software is installed on an iPhone, it can access the device’s cameras, microphones, and data.
In almost all cases, targets do not know that their device has been infected. But Apple hopes to change that — and in turn make Pegasus a lot less successful — by sending security alerts to those who may have been targeted.
The alerts will be delivered by text message and email. Apple will also display a banner at the top of its Apple ID site when a targeted user logs into their account in a web browser.
Not all threats can be detected
“Apple threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers,” Apple explains. “These users are individually targeted because of who they are or what they do.”
“State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks. If Apple discovers activity consistent with a state-sponsored attack, we notify the targeted users.”
Apple also warns, however, that due to the sophisticated nature of state-sponsored attacks like Pegasus, it’s possible that some will go undetected — or that some alerts will be false.
How to avoid a Pegasus attack
To verify a threat alert from Apple, you can sign into the Apple ID website and see if the banner is visible at the top of the page. Apple says the notifications will never ask users to click links, open files, install apps, or verify passwords.
It also provides some steps that iPhone users can take to avoid a spyware attack:Update devices to the latest software, as that includes the latest security fixesProtect devices with a passcodeUse two-factor authentication and a strong password for Apple IDInstall apps from the App StoreUse strong and unique passwords onlineDon’t click on links or attachments from unknown senders
In addition to threat notifications, Apple has bolstered iPhone security in iOS 15 to make it more difficult to spyware to be installed.