If foreign spies are going after your iPhone or iCloud accounts, you may get a message from Apple, which says it will warn users when it suspects state-sponsored hackers are targeting them. To do so, Cupertino has created a new notification system to alert users under threat.
Although Apple likes to claim its products are the most secure on the market, they aren’t perfectly secure—no gadget is. Over the years, security researchers have spotted state-sponsored hackers exploiting severe vulnerabilities in iOS and macOS to hijack the devices. Most recently, an Israeli surveillance company called NSO Group was accused of spreading spyware to select customers through maliciously crafted messages.
Apple’s threat-notification system tries to address the problem by detecting attacks from state-sponsored hackers and then warning potential victims.
The company notes “the vast majority of users will never be targeted by such attacks.” But if you are, there’s a chance the attack worked. That’s because state-sponsored hackers have the resources to develop elite hacking tools, which can be hard to detect and stop.
How Apple Will Alert You
According to an Apple support document, the company plans on issuing the threat alerts in two ways. The first involves displaying a threat notification at the top of the page when a user signs into appleid.apple.com, where they can manage their account.
The second involves Apple sending an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.
“These notifications provide additional steps that notified users can take to help protect their devices,” the company said. To stay protected, the support page advise users to update their devices to latest version, use multi-factor authentication on their online accounts, and avoid clicking on links and attachments from unknown senders.
Don't Click Any Links
It's also important to be on guard against hackers attempting to spoof Apple’s threat system by sending you a fake email or iMessage impersonating the company. As a result, Apple points out that the “threat notifications will never ask you to click any links, open files, install apps or profiles, or provide your Apple ID password or verification code by email or on the phone.
“To verify that an Apple threat notification is genuine, sign in to appleid.apple.com. If Apple sent you a threat notification, it will be clearly visible at the top of the page after you sign in,” the company added.
Apple isn’t disclosing how it’s trying to detect the state-sponsored hacking activities since the information may help the attackers evade detection. The company also notes “detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete.
"It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected," Cupertino added.
Apple announced the new system after calling out NSO Group for helping foreign governments to spread spyware to select iPhone users across the globe. In response, Cupertino is suing NSO Group and asking a US district court to ban NSO from ever using Apple products again.