Apple sent a message alerting many iPhone mobile phone users that They could be targets for state-sponsored attacks. In Thailand, some of the people who have received the warning are political activists and academics. “Democracy” who came out to criticize the government
On the same day, Apple said it filed a lawsuit in California against NSO, an Israeli spyware maker and its parent company, accusing the NSO of using hacking tools for iPhone users.
Assoc. Prof. Dr. Prajak Kongkirati, Deputy Dean of the Faculty of Political Science, Thammasat University, Sarinee Achawanantakul, Independent Economist, Assoc. Join the demand for democracy, Dechathorn “Hockey” Bamrungmuang, an artist of the anti-dictatorship rap group, Chayapol Danothai, the Thammasat Front and the Rally. And a few other students who joined the anti-government movement received emails from Apple warning they were being targeted. “State-sponsored attackers” received emails at varying intervals from last night to this morning (Nov. 24).
Email notifications that each person receives. The same message reads, “Warning: Your iPhone may be the target of state-sponsored cyberattacks.”
Apple said it sent this email to users because it believed the owner of the Apple ID. “It’s being targeted by state-sponsored cyber attackers trying to gain access to your iPhone.”
“These attackers may target you directly because of your identity or because of what you do. If an attacker gains access to your iPhone He may also have access to sensitive data, communications, including cameras and microphones,” Apple said, adding recommendations for increasing the device’s security measures.
However, it is unclear what criteria Apple used to identify the attack as having state links. Or is there an actual attack? Because Apple is still divided on whether such notifications may be a mistake. Or some attacks Apple’s system may not be detected as well. And Apple couldn’t give more details. This could potentially be used to provide hackers with information to adjust their attack behavior to evade future detection.
BBC Thai asked Mr. Chaiwut Thanakmanusorn, Minister of Digital Economy and Society. Received only a short answer that I didn’t know the story and asked to check the information first.
Apple’s attack alert
Apple explains that threat notifications are designed to alert and assist users who may have been targeted by state-sponsored cyberattacks. Unlike most cybercrime, state-sponsored attackers are capable of accessing massive amounts of resources to compromise individual targets and their devices. This makes it extremely difficult to identify and prevent attacks from these groups.
Additionally, state-sponsored cyber attacks are often short-term, complex, and cost-intensive operations to target specific groups. This makes normal users have no chance of being attacked like this at all.
If Apple finds action that resembles a state-sponsored attack Apple will notify users in two ways:
- Sends an attack alert message at the top of the page after the user has logged in. appleid.apple.com
- Send emails and text messages to the phone number associated with the user’s Apple ID.
The alert will notify users of the next steps they should take to protect their devices.
Apple has confirmed that Apple’s prompts will not ask users to click a link, open a file, install an application or profile, ask for their Apple ID password or any verification numbers.
If the user receives a warning message The following instructions should be followed for safety.
- Update your device to the latest software with security fixes.
- Use a passcode to unlock your device.
- Use two-factor authentication and a strong password.
- Only install applications from the App Store.
- Use a strong password that is different from the one used elsewhere.
- Do not click on links or attachments sent from unknown or unknown senders.
Additionally, if a user has reason to believe they are being attacked by a state-sponsored cyber attack force without receiving a warning message. Apple also recommends seeking professional help. by Apple recommends contactingThe Consumer Reports Security Planner website There are resources that may be useful to users who need advice.
Is it related to “Pegasus” spyware?
In July, several foreign media outlets reported citing an investigation into Forbidden Stories, a non-profit organization that spreads press coverage of harassment that found N. SO An Israeli spy tech company has sold spyware called Pegasus to authoritarian governments in several countries to spy on and sift through the mobile phones of human rights activists, journalists and lawyers on the side. cross with the government
Forbidden Organization It states that Pegasus will hack into iPhones and Android phones and steal information such as chat messages, photos and emails, phone calls. and secretly turn on the microphone to eavesdrop on the conversation
The report stated that By checking the phone in the list of targeted numbers. More than half of them were found to have evidence of traces of Pegasus.
NSO side denies this allegation It states that the software is meant to spy on criminals and terrorists. It was created for use in the military. law enforcement agencies and only the intelligence agencies of countries with a good history of human rights.
Blognone, a Thai IT news site, states that Apple previously sued NSO, the creator of Pegasus malware and the state-sponsored FORCEDENTRY exploit. And believe that sending an email to alert the activists this time Probably related to FORCEDENTRY, but it’s not clear what state action it was.
Sarinee Achawanuntakul, an independent scholar and person who received email alerts about the attack from Apple, citedreportof Citizen Lab, a research unit of the University of Toronto. Canada published a 2018 issue of Pegasus branded spyware as well. The report claims that Thailand may be one of 45 countries where the spyware is being used for cyber surveillance.
Danna Ingleton, deputy director of Amnesty Tech, a division of Amnesty. International And working with Citizen Lab, said at the end of July that Apple prides itself on its reputation for features that prioritize security and privacy, but the NSO has torn that pride. After the Amnesty Tech team found clear evidence that NSO spyware Can work on iPhone 11 and iPhone 12
Apple sues NSO
Apple announced on Nov. 24 that the lawsuit was made to hold NSO and its parent company, OSY Technologies, to be “responsible for spying targeting Apple users”.
not only iphone Pegasus Spyware Can also work on the Android operating system as well. The operator can pick up text messages, images, emails, call logs, and turn on the microphone and camera on the phone without the owner’s knowledge.
at the beginning of this month US authorities have blacklisted the NSO, saying the software helps “empower foreign governments to crack down on dissent. This is the way the authoritarian government treats dissidents, journalists and activists.”