Toggle Dark Mode
In breaking news, Apple has just announced that it’s bringing legal action against NSO Group, the Israeli technology firm behind the controversial Pegasus spyware tool.
Over the past few months, Apple has been playing a cat-and-mouse game against exploits used by NSO Group to install the dangerous spyware on the iPhone and iPad. No sooner does Apple close one vulnerability than the group finds and exploits yet another one. Even advanced security architectures like BlastDoor have barely slowed down the Pegasus Spyware.
Pegasus spyware is particularly dangerous because it can be installed simply by sending an email or text message to your iPhone without any action or knowledge on your part. Once there, it can read text messages, track phone calls, track your location, and potentially even get access to your passwords.
It’s an insidious piece of spyware, and the only good news is that it’s a targeted attack, so you’re very unlikely to encounter it at random. In fact, the NSO Group charges quite a hefty price for the tool, and it’s only supposed to be available to government and law enforcement agencies. Of course, not all of these organizations are particularly ethical in their use of such tools.
The Israeli firm developed Pegasus in 2014 as an industrial spyware tool intended to be used in counterterrorism efforts by governments. However, as history has repeatedly shown, weapons developed with the best intentions can also be used for the worse. Digital weapons are no exception here, as security researchers discovered earlier this year.
In July, a forensic analysis by Amnesty International revealed that Pegasus was being actively used to target and spy on “human rights defenders (HRDs) and journalists around the world.” The analysis found that more than 80 journalists from 17 media organizations in 10 countries had been directly impacted by the Pegasus spyware, describing it as responsible for “widespread, persistent and ongoing unlawful surveillance and human rights abuses.”
Taking It to the Courts
After years of fighting Pegasus on a technical level, Apple has decided to try approaching the problem from a different direction. Today, the company announced that it filed a lawsuit against NSO Group to shut down the use of Pegasus Spyware by cutting it off at the source.
Apple today filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices.Apple
Apple also backs up Amnesty International’s findings, noting that the spyware has been “abused to target journalists, activists, dissidents, academics, and government officials.”
The announcement also shares new information on NSO Group’s latest exploit, dubbed FORCED ENTRY, which uses a now-patched vulnerability to hack into a victim’s Apple device to install Pegasus. The exploit was originally identified by the University of Toronto’s Citizen Lab research group.
State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change. Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous.Craig Federighi, Apple Senior VP, Software Engineering
Apple announced that it is also setting up a $10 million fund for organizations like Citizen Lab and Amnesty Tech to assist with their cyber surveillance research and advocacy. This fund will also include any damages that arise from the lawsuit against NSO Group.
In addition, Apple will be offering pro bono technical, threat intelligence, and engineering assistance to the researchers at Citizen Lab to help them in their independent research of security threats. Where appropriate, the company says it will offer the same assistance to other organizations doing critical work in this space.
Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors. I applaud Apple for holding them accountable for their abuses, and hope in doing so, Apple will help to bring justice to all who have been victimized by NSO Group’s reckless behaviour.Ron Deibert, director of the Citizen Lab at the University of Toronto
Should You Be Concerned?
As terrifying as Pegasus is, it’s important to remember that this is a targeted attack by a “state-sponsored” spyware tool. This means you’re very likely to encounter it unless you’re doing something that could raise the ire of a government agency.
Apple has not only made it clear that these threats “only impact a very small number of customers,” but it’s also confirmed that for now, at least, any vulnerabilities used by Pegasus have been closed by the improvements in iOS 15.
iOS 15 includes a number of new security protections, including significant upgrades to the BlastDoor security mechanism. While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions.Apple
While most iPhone users likely won’t find themselves faced with Pegasus, if you’re concerned, there are tools you can use to check for it on your iPhone. More importantly, however, while Pegasus may be the most dangerous spyware out there since it has the financial backing of multiple government agencies, it’s far from the only threat. So it’s always a good idea to ensure that your Apple devices are updated to the latest versions of iOS, iPadOS, and macOS.