Apple's Cyber Security Team Meets with an Indian Government Agency

By Consultants Review Team Friday, 08 December 2023

Regarding the recent notification notifications given to some notable iPhone users in India, Apple's cyber security team eventually met with India's cyber security agency Indian Computer Emergency Response Team (CERT-IN). Apple sent state-sponsored attackers trying to remotely compromise' alerts to several opposition party leaders' iPhones last month. This warning aroused questions about whether the government was attempting to hack into their phones.

After opposition party leaders made public posts about the warning, Minister of State for Electronics and Information Technology (MeiTY) Rajeev Chandrasekhar claimed that Apple will have to explain why these notifications were sent to political leaders and a few media people.

Notably, this meeting was originally scheduled for the end of November. According to PTI, the insider stated, "Apple team met CERT-In. CERT-In must now submit its findings-based report." He clarified that CERT-In has not been given a deadline for submitting this report. As a result, it will be provided once the investigation is finished.  

The subject of the alert was 'ALERT: State-sponsored attackers may be targeting your iPhone'. "Apple believes you are being targeted by state-sponsored attackers who are attempting to remotely compromise the iPhone associated with your Apple ID," it continues. These attackers are most likely specifically targeting you because of who you are or what you do. If a state-sponsored attacker compromises your device, they may be able to remotely access your sensitive data, communications, or even the camera and microphone. While this could be a false alarm, please take this warning seriously."

Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singh Deo, and Bhupinder S Hooda, Trinamool Congress MP Mahua Moitra, CPI(M) general secretary Sitaram Yechury, and SP chief Akhilesh Yadav were among those who received the warning on their iPhones.

According to Apple's help page, state-sponsored attackers are well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks is dependent on threat intelligence signals, which are frequently imprecise and inadequate. 

Apple also stated that there may be a flaw in the warning system, alleging that some Apple threat messages may be false alarms or that some attacks are not identified. According to Apple, "We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future."


Current Issue