Apple has escalated its fight against the commercial spyware industry enabling state actors to conduct highly-targeted cyberattacks against journalists, activists, politicians, and other high-risk individuals around the world.
In an updated support document, the iPhone maker revised the language around its threat notification system to explicitly mention alerting users who may have been "individually targeted by mercenary spyware attacks." As Apple stated:
"Though deployed against a very small number of individuals—often journalists, activists, politicians, and diplomats—mercenary spyware attacks are ongoing and global. The extreme cost, sophistication, and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today."
The change marks a direct call-out of companies like NSO Group that develop sophisticated commercial surveillance tools like Pegasus, which have been abused by authoritarian regimes to pull off "individually targeted attacks of such exceptional cost and complexity."
Apple has been sending these threat notifications since 2021, but this update makes clear they are specifically aimed at warning potential victims of the private mercenary spyware industry operating transnationally.
[RELATED: Apple Sues 'Abusive State-Actor' NSO Group]
"It's really important to recognize that mercenary spyware, unlike others, is deliberately designed with advanced capabilities, including Zero-Day exploits, complex obfuscation techniques, and self-destruct mechanisms, making it highly effective and hard to detect," said Krishna Vishnubhotla, Vice President of Product Strategy at mobile security firm Zimperium. "The developers go to great lengths to remove any clues that might link the software back to them or their clients."
Apple's documentation update coincides with a new wave of threat notification alerts being sent to iPhone users across 92 countries. It represents the latest effort by the tech giant to combat the scourge of cyber-mercenaries facilitating human rights abuses.
"Apple introduced Lockdown Mode in mid-2022 as a response to this growing threat. Apple also seems to have been giving notifications to that same high-risk group who they know have been targeted. I see this as Apple being a good citizen and supporting its customers at risk," commented Jason Soroko, Senior VP of Product at cybersecurity company Sectigo.
[RELATED: Apple Unveils 'Lockdown Mode' to Defend Against Spyware]
John Bambenek, President at Bambenek Consulting, noted how "the changes Apple made really highlight the scale and global scope of this problem. These types of attacks have victims in every country in the world."
The move by Apple comes as governments around the world step up efforts to combat the unchecked proliferation of mercenary spyware. Just last month, the U.S. announced an alliance of 11 countries working to develop new safeguards against the abuse of such invasive surveillance technology by regimes "without proper legal authorization, safeguards, or oversight."
As cyber-mercenary groups relentlessly pursue new Zero-Day vulnerabilities to bypass platform security mitigations, Apple and other tech companies find themselves on the frontlines of defending individual privacy and digital rights from nation-state surveillance running rampant. Increased transparency around these insidious threats is a crucial first step.
Follow SecureWorld News for more stories related to cybersecurity.