Apple has introduced a new software update that fixes the exploitation issue, using a Pegasus tool for spying and surveillance.
WHY ARE APPLE DEVELOPERS UPDATING THE SOFTWARE?
The University of Toronto’s Citizen Lab has claimed that software exploitation has occurred in the current IOS 14 version since February.
The vulnerable exploit and breach of privacy are taking place in the imessage feature that allows hackers to bypass security layers when the user clicks on any link.
The researchers involved in the case stated that the exploit was known as CVE-2021-30860 that targets journalists and human activists in Saudi Arabia and other countries through Pegasus’s surveillance software.
This particular software Pegasus is developed and sold by the Israeli firm NSO group.
An investigation by Amnesty International shook all nations to the core when reports stated that multiple governments were making use of this particular Pegasus software to snoop on prominent members and people holding higher authoritative ranks in numerous countries, including India.
Researchers mentioned that it was easier to target iPhone users through this snooping software due to the vulnerability in ios.
As soon as the Apple developers heard these claims made by the researchers, they did fix the vulnerable bug; however, Apple’s developers did not mention or state any official comments regarding the same.
On the Apple software support website, the developers mention that this software update’s primary purpose and impact is to ‘process a maliciously crafted PDF that can lead to arbitrary code execution.
It also states that ‘Apple is aware of the reports stating that this software promotes or allows exploitation.
Along with this statement, the developers have also credited the researchers of Citizen Lab for discovering the exploit taking place in the ios software.
HOW DOES THE HEAD OF APPLE SECURITY ENGINEER REACT TO THIS ISSUE?
Head of Apple Security Engineering and Architecture Ivan Krsti said that these attacks are highly sophisticated and cost millions of dollars to develop.
Due to its short shelf life, the malicious software often targets specific individuals. The vulnerability of this malicious iPhone software is not a threat to the majority of the users.
Still, the government authorities are using this software to spy on people of high interest, such as journalists and human rights advocates who speak on policies that the government sanctions.
HOW DOES THE NSO GROUP REACT TO THESE ALLEGATIONS?
The NSO group, on the other hand, has denied the allegations that the security researchers make.
The Israeli firm stated that the NSO group would continue to provide intelligence and law enforcement agencies with life-saving technologies to fight terror and crime.
The authoritative members of the NSO group continue to state that the Pegasus software is a helping tool that can keep a check on criminal and terrorist activities with the primary objective of eradicating problems.
However, the researchers have already presented evidence showing how the software allows journalists’ surveillance without their consent by breaching their right to privacy and freedom.
The main question remains: Is the Pegasus software malicious and used for surveillance to achieve political agendas? Or is it merely a helping tool, as stated by the NSO group?
The Apple developers have made suggestions stating that all Apple users must update their software to IOS 14.8. People who use Ipad are also required to update their software to IOS 14.8 for better security and privacy.
