Apple's 'State-Sponsored Attackers' alert explained: What are these ...
Apple’s ‘State-Sponsored Attackers’ alert explained: What are these alerts and what should targeted users do?
The alerts are known as Apple threat notifications. The company claims they are designed to inform and assist users who may have been targeted by state-sponsored attackers
SUMMARY
Several prominent politicians in India have claimed to have received “state-sponsored alerts” on their Apple devices. So far, however, Apple has not confirmed if the new batch of alerts are genuine. Although, the company does have a pre-existing support page explaining the feature. The American tech company also explains what can be done if Apple users get the notification on their respective devices. Business Today has reached out to Apple for confirmation about the recent reports about the ‘State-sponsored Attackers’ alert. The story will be updated as and when the company responds.
The alerts are known as Apple threat notifications. The company claims they are designed to inform and assist users who may have been targeted by state-sponsored attackers.
The company claims that state-sponsored attackers are not your average cybercriminals. They are exceptionally resourced and target a very small number of specific individuals and their devices, making these attacks much harder to detect and prevent. These attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life.
If Apple discovers activity consistent with a state-sponsored attack, the targeted users are notified in two ways:
A Threat Notification is displayed at the top of the page after the user signs into appleid.apple.com.
Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.
These notifications provide additional steps that notified users can take to help protect their devices, including enabling Lockdown Mode. The mode can be found in Settings> Privacy and Security > Lockdown Mode.
However, it’s important to note that detecting such attacks relies on threat intelligence signals. Apple claims that these are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected.
How to Check if the Threat Notification is Genuine?
Apple has claimed that threat notifications will never ask users to click any links, open files, install apps or profiles, or provide your Apple ID password or verification code by email or on the phone. To verify that an Apple threat notification is genuine, sign in to appleid.apple.com. If Apple sent you a threat notification, it will be clearly visible at the top of the page after you sign in.
What can be done if you get a notification?
All users should continue to protect themselves from cybercriminals and consumer malware by following best practices for security:
Update devices to the latest software
Protect devices with a passcode
Use two-factor authentication and a strong password for Apple ID
Install apps from the App Store
Use strong and unique passwords online
Don’t click on links or attachments from unknown senders
Published on: Oct 31, 2023, 12:35 PM IST
Posted by: Danny Cyril Dcruze, Oct 31, 2023, 12:25 PM IST
