Apple instructed its users to quickly update their devices after researchers claimed the misuse of their technology. But how and why?
What was the Matter?
According to Citizen Lab, an academic research group, “A few weeks ago, Apple sent a critical security update for fixing the flaw. But the vulnerability was attacked by Israel's NSO group.”
The NSO Group has developed software to take control over any Apple device, be it a watch, computer, or iPhone.After identifying the flaw, Apple rapidly developed a fix in iOS 14.8 to protect the users.
The software takes control over a device by first sending a message through iMessage, Apple’s default messaging app, then by taking advantage of Apple processing images. In the cybersecurity industry, this process is known as a “zero-click” exploit. Zero-click is a dangerous flaw that does not need a victim to click or download any file to take over the details by others.
On the matter, Scott Railton, Senior Researcher of citizen lab, said “People whose devices have been exploited are extremely unlikely to realize they have been hacked. The user sees crickets while their iPhone is silently exploited.”
He further added, “ Someone sends you a GIF that isn’t, and you are in trouble. That’s it. You don’t see a thing.”
The users who want to update their iPhone can go to Settings>General>softwareUpdate and then download an update available.
For Mac users, the update is available in the preferences.
The customers using Apple watches can update it through the Apple Watch app available on the iPhone. For the watch, go to General>Software Update.
What is NSO Group Technologies
NSO stands for Niv, Shalev, and Omri, the names of the founders of the company. It is an Israeli technology firm known for its zero-click surveillance of smartphones.
On this matter, an NSO spokesperson, in an emailed statement, said, “NSO group will continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”
Statement from the Citizen Lab
On claiming the NSO group for this hack, they said in an email statement, “Citizen lab discovered attack code belonging to the NSO Group, which was established based on naming conventions and the behavior of the software.”
Statement from Apple
Ivan Kristch, Apple’s head of Security Engineering and Architecture, in an email statement, said “Attacks like the ones are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”
Ivan also thanked Citizen Lab for alerting the company to the exploit.
Earlier this month, Apple developed a system to detect child pornography on its phones after the critics said that it could undermine the privacy of the iPhone. Apple has fixed many iPhone bugs. Many of them were exploited by cyber attackers. The zero-click is the rarest and the most dangerous software for one’s privacy. Although, the immediate decisions by the company will make sure to save the user.
We at OpenGrowth, are committed to keeping you updated with the best content on the latest trendy topics from any major field. Also, both your feedback and suggestions are valuable to us. So, do share them in the comment section below.