Why Apple’s approach to alerting victims of spyware attacks is the right one

For several years, Apple has notified individuals targeted by government spyware, alerting them to potential compromises and directing them to seek assistance. Notably, Apple recommends contacting Access Now, a nonprofit operating a digital helpline for civil society members suspecting government spyware targeting, rather than contacting Apple’s own security engineers.

Cybersecurity experts say that Apple’s approach in alerting victims to spyware attacks is the right one.

Lorenzo Franceschi-Bicchierai for TechCrunch:
‎

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple Account,” reads a recent alert, which Access Now shared with TechCrunch. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”

While it may look like Apple is abdicating its responsibility to protect its users, cybersecurity experts who work with human rights defenders, journalists, and dissidents generally agree that Apple’s approach in alerting victims to spyware attacks is the right one.

“These notifications have been a game changer for spyware accountability research,” said John Scott-Railton, a senior researcher at the Citizen Lab, a nonprofit that investigates spyware and is housed at the University of Toronto Munk School of Global Affairs & Public Policy… Before the notifications, “We were just like in the dark, not knowing who to check,” according to Access Now’s legal counsel Natalia Krapiva.

“I think it’s one of the greatest things that’s happened in the sphere of this kind of forensic investigations and hunting of sophisticated spyware,” Krapiva told TechCrunch.

Now, when someone or a group of people get a notification from Apple, they are warned that something potentially anomalous is happening with their device, that someone is targeting them, and that they need to get help. And Apple tells them exactly where to get it, according to Scott-Railton, who said Access Now’s helpline is the right place to go because “the helpline is able to do good, systematic triage work and support.”

‎
MacDailyNews Take: Apple’s Lockdown Mode, which helps protect devices against extremely rare and highly sophisticated cyber attack, will stop you from doing things, but if you’re a potential target of state-sponsored mercenary spyware, it’s better to be safe than sorry. More info here.

We are currently about 1/4th of the way to being sustainable with Substack subscriptions.

Please tell your Apple-loving friends about MacDailyNews on Substack and, if you’re currently a free subscriber, please consider $5/mo. or $50/year to keep MacDailyNews going. Just hit the subscribe button. Thank you!

Read on Substack

‎
Please help support MacDailyNews — and enjoy subscriber-only articles, comments, chat, and more — by subscribing to our Substack: macdailynews.substack.com. Thank you!

Support MacDailyNews at no extra cost to you by using this link to shop at Amazon.

The post Why Apple’s approach to alerting victims of spyware attacks is the right one appeared first on MacDailyNews.