Updated: Nov 7
Prominent figures in the opposition and journalism circles have reported receiving alerts from Apple regarding potential attempts by state-sponsored attackers to compromise their iPhones remotely. The notification emphasizes that the attackers likely have them in their sights due to their identities or activities, and offers guidance on protective measures, including utilizing the 'Lockdown Mode' feature on their iPhones.
As of late 2021, Apple has been proactively issuing these warnings whenever a breach is suspected, extending its reach to individuals in 150 countries. The tech giant has underlined that state-sponsored attackers operate with substantial resources and sophistication, and their tactics evolve over time. Identifying such threats relies on threat intelligence signals, which can sometimes be imprecise or insufficient. This means that some warnings may be false alarms, or certain threats may go undetected.
Unlike conventional hackers, who often target a wide audience for financial gain, state-sponsored attacks are highly targeted, focusing on specific individuals and devices based on their identities or activities. Apple explains that these assaults are typically brief and designed to evade detection, exploiting vulnerabilities that are not widely known.
In response to these incidents, Apple has developed a system capable of recognizing behavior patterns indicative of an attack. When an attack is identified, a "Threat Notification" is dispatched to the email addresses and phone numbers linked to the affected user's Apple ID through email and iMessage. This mechanism was likely responsible for the notifications received by certain lawmakers and others.
Apple has stated that it refrains from attributing these threat notifications to any specific state-sponsored attacker, emphasizing the importance of not divulging the criteria for issuing these alerts to prevent attackers from adapting their tactics.
The notifications are accompanied by additional recommendations for users to fortify the security of their devices and safeguard their privacy. These include updating to the latest software versions, setting up a passcode, enabling two-factor authentication, and using a robust password for the Apple ID. Apple also advises against downloading apps from sources other than the App Store, and stresses the importance of employing separate passwords for each online account and avoiding unfamiliar links or documents.
Furthermore, Apple strongly recommends activating Lockdown Mode, a feature introduced in recent software updates to provide heightened protection against rare and sophisticated cyber threats. Activating Lockdown Mode initiates a high-security setting that restricts or disables various common operations. For instance, sending or receiving attachments, links, or link previews in messages is prohibited to prevent attackers from accessing personal information. However, basic phone calls and plain text messages will continue to function normally.
Lockdown Mode is compatible with iOS 16 or later devices, iPadOS 16 or later devices, watchOS 10 or later devices, and macOS Ventura or later devices. If there is ever a suspicion of a device or data being compromised, Lockdown Mode can be activated by navigating to Settings, Privacy & Security, Lockdown Mode, and toggling it on.
Recipients of an Apple threat notification are urged to take it seriously and follow the recommended steps to secure their device and account.
For those seeking to enable Lockdown Mode on their iPhone or iPad, follow these steps:
1. Open the Settings application.
2. Select Privacy & Security.
3. Scroll down, choose Lockdown Mode, and then select Turn On Lockdown Mode.
4. Select Lockdown Mode.
5. Choose Turn On & Restart and enter your device's passcode.
On Mac, the steps to activate Lockdown Mode are as follows:
Go to the Apple menu > System Settings.
Select Privacy & Security from the sidebar.
Scroll down to Lockdown Mode, then turn it on.
Click the Turn on Lockdown Mode button. You may be prompted to enter the user password.
Click the Turn On & Restart button.
Union Minister Ashwini Vaishnaw expressed concern on Tuesday regarding threat warnings issued by Apple Inc., which alerted specific members of the Opposition about a potential "state-sponsored attack." The Union Minister for Communications, Electronics, and Information Technology assured that the government is actively investigating the matter.