Apple Aims to Cut Down on Spyware With Lawsuit Against NSO Group

Apple today announced that it has filed a lawsuit against Israeli firm NSO Group and its parent company with the aim of holding it accountable for targeting Apple users with spyware used for surveillance purposes.

In the lawsuit, Apple offers up information on how NSO Group infiltrated the devices of iPhone owners and how it utilized the Pegasus spyware to do so. Apple is asking for a permanent injunction that would ban NSO Group from using Apple software, services, or devices.

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Craig Federighi, Apple's senior vice president of Software Engineering. "Apple devices are the most secure consumer hardware on the market -- but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we're constantly working to strengthen the security and privacy protections in iOS to keep all our users safe."

NSO Group created invasive spyware known as "Pegasus" that was sold to various world governments and was used to access the devices of journalists, lawyers, and human rights activists. Apple has been working on fixing exploits and has addressed major Pegasus-related hacks in iOS 14.6 and iOS 14.8.

With iOS 14.8, for example, Apple addressed a zero-click FORCEDENTRY iMessage exploit that could infect iOS devices with the Pegasus software, allowing for access to the camera, microphone, text messages, phone calls, emails, and more. Apple engineers worked around the clock to develop a fix, and additional BlastDoor security protections have been implemented in iOS 15 to protect the Messages app.

Those who were impacted by FORCEDENTRY will be notified by Apple, and going forward, Apple says any time that it finds activity consistent with a state-sponsored spyware attack, affected users will be informed.

Apple says that it has not found evidence of successful remote attacks against users running iOS 15 and later updates, and that everyone should update their phones and run the latest software. Apple security chief Ivan Krstić said the lawsuit is a signal that Apple will not stand for the use of weaponized spyware against "those who seek to make the world a better place."

"At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we're taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place," said Ivan Krstić, head of Apple Security Engineering and Architecture. "Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group."

In addition to filing a lawsuit against NSO Group, Apple plans to contribute $10 million to organizations pursuing cybersurveillance research and advocacy. Apple will also donate the damages from any lawsuit to the same cause, and will continue to support researchers at Citizen Lab with pro-bono technical, threat intelligence, and engineering assistance.

NSO Group has claimed that its software exploits have only been sold to "vetted" military, law enforcement, and intelligence agencies for use against criminals and terrorists, but a massive data leak earlier this year confirmed widespread abuse of the spyware. As a result, NSO Group has been blacklisted by the U.S. government, and no American organization is allowed to work with it. The company is also facing a 2019 malware lawsuit from Facebook, which a judge earlier this week refused to dismiss.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.