'Virus, vulnerability may have triggered Apple threat notifications' | Mint

'Virus, vulnerability may have triggered Apple threat notifications'

Cert-In asked Apple users to update their systems with the latest firmware to prevent hacking or data theft. (Photo: Reuters)
Cert-In asked Apple users to update their systems with the latest firmware to prevent hacking or data theft. (Photo: Reuters)


  • Indian officials and Apple are investigating the source of threat notifications sent to Indian politicians, journalists

New Delhi: A virus or an internal vulnerability could have triggered Apple's threat notifications sent to several people including Opposition members last month, a government official said, adding its probe into the matter has made progress.

"The investigation has progressed quite a lot. Nothing major has come out of it so far. What we have found so far is that there was some vulnerability in Apple’s systems for a period, and during that time, many people around the world tried to spread some virus on Apple devices," the official said on condition of anonymity.

Mint reported earlier this month that Apple and the central government had set up technical teams to look into allegations that the tech giant sent messages to several opposition politicians and journalists warning that their iPhones may have been targeted for “state-sponsored attacks."

The government and Apple began investigating after several users received notifications warning about state-sponsored attackers trying to compromise their iPhones using their Apple email IDs.

Several MPs, including Congress president Mallikarjun Kharge and general secretary K.C. Venugopal, Congress lawmaker Shashi Tharoor, TMC MP Mahua Moitra, Shiv Sena (UBT) MP Priyanka Chaturvedi and AAP’s Raghav Chadha had received the notifications saying the attackers were targeting the user individually “because of who you are or what you do".

The email further stated that if the device was compromised by a “state-sponsored attacker", it may be able to remotely access the user’s sensitive data, communications, camera or microphone. “While its possible that this is a false alarm, please take this warning seriously," it said.

"State actor is a standard language used by everyone. These companies use it because nobody wants to take the responsibility. It is natural that no one wants to accept that their system has some vulnerability. So, blaming the government is easy," the official cited above said.

Queries sent to Apple and the ministry of electronics and information technology remained unanswered.

The IT ministry had then asked Apple to join the investigation and provide information on the alleged state-sponsored attacks. Cert-In, which coordinates cyber security efforts, had issued a high-risk advisory for Apple products on 27 October, warning users of multiple vulnerabilities that could allow attackers to access sensitive information. An official had said at the time that Apple is said to have issued a software upgrade to cull the threat two days later, and attempts by hackers may have been made within that timeframe. Cert-In asked Apple users to update their systems with the latest firmware to prevent hacking or data theft.

Telecom and IT minister Ashwini Vaishnaw had said that Apple had issued the alert based on estimates and issued the advisory in 150 countries, which may be based on information which is ‘incomplete or imperfect’ and that some Apple threat notifications may be false alarms or some attacks are not detected.

Apple has also claimed that Apple IDs are securely encrypted on devices, making it extremely difficult to access or identify them without the user’s explicit permission. This encryption safeguards the user’s Apple ID and ensures that it remains private and protected.

Following the threat notifications, Apple said that it did not attribute the threat notification to any specific state-sponsored attacker.

“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future," the Cupertino, California-headquartered company had said.

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.


Switch to the Mint app for fast and personalized news - Get App