Apple has released a support document which details that the company will notify all the users whose devices have been compromised by state-sponsored attacks. The news comes after the iPhone maker filed a lawsuit against the Israeli company NSO Group which sells spyware to hack iPhones.
If Apple detects that a user’s device has been compromised by state-sponsored cyber attacks, the company will notify the user through iMessage and email. A threat notification will be sent to the users whose Apple IDs have been compromised. The company says that these attacks by governments target a small set of specific people (targeted attacks).
Verify the threat notification before interacting
“These users are individually targeted because of who they are or what they do,” reads the support document released by Apple. “Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent.”
Apple says that threat notifications will never ask a user to open any link or install apps. The company is warning users against interacting with a fake threat notification that could cause harm to the user. The genuine threat notifications will be available on appleid.apple.com website.
“State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life,” reads the support document by Apple. “The vast majority of users will never be targeted by such attacks.”
Apple has listed out some best practices for all users to better protect themselves from any malware or cyberattacks:
- Update devices to the latest software, as that includes the latest security fixes
- Protect devices with a passcode
- Use two-factor authentication and a strong password for Apple ID
- Install apps from the App Store
- Use strong and unique passwords online
- Don’t click on links or attachments from unknown senders