Apple issues latest threat warnings against state-sponsored attacks

Apple has issued its latest batch of threat notification warnings to let people know they may be the targets of some kind of surveillance. The company has not said how many people it tipped off but did say they existed across 84 countries.

The messages will have told recipients that their devices may have been subject to attack by state or state-linked entities.

The kind of attacks these make use of are characterized as high-value exploits that are expensive to use, which means most individuals are unlikely to be target to such attacks.

Surveillance as a service

This form of surveillance as a service achieved notoriety following disclosures concerning Pegasus and others. They are frequently done by independent contractors at the behest of governments using exploits that are eventually identified and patched.

Attacks tend to be highly sophisticated and well targeted, making use of non-trivial methods. They are very real – the EU launched a special inquiry in 2022 to investigate them after several senior officials were told they may have been attacked in this way over the last few years.

This investigation found at least 14 EU member states had purchased spying tech from NSO Group, and warned four governments had abused the tools for political gain. In 2024 it warned that members of its defence subcommittee had been hacked.

The latest wave of attacks shows the threat remains very real, despite growing public awareness, and general lip service saying such attacks should not take place, “To date, we have notified users in over 150 countries in total,” Apple said, commenting on its latest alert, which was sent December 2. Recent data claims around 88% of UK business leaders are highly concerned at such attacks, and they should be.

If you think you may be a potential target for such attacks it’s important to enable Lockdown Mode on your Apple devices.

If you receive what purports to be an Apple threat notification please note it will never ask you to clock links or install anything. The best way to verify the link is to open up a web browser manually and sign in directly to appleid.apple.com; if Apple sent an alert, it will be visible at the top of the page.

Apple’s own pages warn:

“All users should continue to protect themselves from general cybercriminals and consumer malware by following best practices for security:

• Update devices to the latest software, as that includes the latest security fixes
• Protect devices with a passcode
• Use two-factor authentication and a strong password for Apple ID
• Install apps from the App Store
• Use strong and unique passwords online
• Don’t click on links or attachments from unknown senders

If you have not received an Apple threat notification but have good reason to believe you may be individually targeted by mercenary spyware attacks, you can enable Lockdown Mode on your Apple devices for additional protection.”

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.