Home Apple sues cyber intelligence firm

Apple sues cyber intelligence firm

Nov 24–Apple is suing a cyber intelligence firm that sells spyware to governments, allowing them to hack iPhones belonging to human rights lawyers and journalists. By using the spyware, law enforcement agencies were able to extract data and read communications information.

Apple filed a lawsuit in federal court in California, alleging that the cyber warfare group targeted Apple users. The iPhone maker is seeking to permanently ban the group from utilizing Apple services or software.

Ivan Krstic, Apple’s head of security engineering and architecture, said in his tweet: “The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place.”

Apple claims that this malware is not designed for consumers and that the group allows “attacks, including from sovereign governments that pay hundreds of millions of dollars to target and attack a tiny fraction of users with information of particular interest to [the group’s] customers.”

To get a sense of how advanced the malware was, users of the software could gain access to your iPhone’s data by simply sending a text message. A successful attack requires zero clicks from the victim, leaving little trace of the attack.

Apple’s lawsuit states that users of the spyware could access the iPhone’s microphone and camera, text message and browsing history, and emails.
Apple will inform users who may have been targeted by this malware.

A spokesperson from the group said, “Thousands of lives were saved around the world thanks to [our group’s] technologies used by its customers… Terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it. [our group] will continue to advocate for the truth.”

What do you think? Is this malware giving too much power to law enforcement agencies, allowing them to abuse it? Or is it worth giving up our privacy for safety?

Further reading from Cyber Talk: