Apple’s Clarification Over ‘State-Sponsored Attackers’ Alert Controversy

India Edited by
Apple’s Clarification Over ‘State-Sponsored Attackers’ Alert Controversy

Apple Clarifies Over ‘State-Sponsored Attackers’ Alert Controversy (Image: Twitter/Apple)

Tech giant Apple has given an official clarification regarding the ongoing controversy over security alerts sent by Apple to various opposition leaders, warning that “state-sponsored attackers” may be targeting their iPhones. Apple stated that it does not attribute the threat notification to any specific state-sponsored attacker.

Apple mentioned in an official statement that the threat notification of a “state-sponsored attack” received by opposition leaders in the country could be a false alarm. “It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected,” Apple said in its statement. According to Apple, state-sponsored attackers are well-funded and sophisticated, and their attacks evolve over time. Apple also says on its support page that detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete.

Apple made this clarification hours after several opposition leaders claimed that they received security notifications via text message and e-mail with the title “ALERT: State-sponsored attackers may be targeting your iPhone”. Multiple leaders, including Congress’s Shashi Tharoor and Pawan Khera and the Aam Aadmi Party’s Raghav Chadha, have also shared screenshots of the alert they received. Apple also clearly mentioned that the company is unable to deliver information about what causes them to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection next time.

Notably, threat notifications are developed by Apple to inform its users who may have been targeted by state-sponsored attackers. “These users are individually targeted because of who they are or what they do,” Apple mentioned on its support page. The Cupertino-based tech giant says that such attacks are highly complex. It will also cost millions of dollars to develop and often have a short shelf life. Such attackers will target only a small number of specific individuals and their devices.