Cybersecurity analysts urge it apple users immediately update the software on their phones, computers and watches after the company issued an emergency security patch on Monday to prevent hackers from accessing the devices without users knowing.
In a new report, researchers at the University of Toronto’s Citizen Lab said the NSO group, an Israeli spyware company, used what is known as “zero-click exploitation” to access an activist’s phone. Saudi without a name. Researchers at Citizen Lab called the operation “Forcedentry” and said it has been in use since February and revealed that the NSO group’s “Pegasus” spyware program was used to infect the activist’s device.
“While typical cyberattacks require a user to interact with malicious content (such as clicking on a cheating link), zero-click exploits do not require any interaction with the device owners themselves,” said Lisa Plaggemier, acting executive director of the National Cyber Security Alliance, told CBS News. “That means it’s virtually impossible for people to know if they’ve been engaged or not,” he added.
The NSO group is well known in the cyber world and was previously funded and operated as an American company, but later returned to Israel. Hackers have been able to install Pegasus spyware on the target device using zero-click exploits by sending a message or calling the phone.
Josh Edelson / AFP / Getty Images
“Once installed, Pegasus allows a variety of controls that can siphon data or activate processes, such as the camera or microphone, on iOS or Android devices,” Jerry Ray, COO of cyber firm SecureAge, told CBS News . Ray said the main difference between this NSO group farm and the previous ones is the access road. In this case, it was a text sent via iMessage, while previous attempts were to make phone calls.
“Given all the applications that could pose a weakness that could be exploited by players like NSO Group, this could be a decimal point update among the countless to come,” Ray said.
Citizen Lab describes the NSO group as a “prolific” seller of espionage technology to governments around the world and claims its products, including Pegasus, have been regularly linked to surveillance abuses. In 2019, Citizen Lab helped WhatsApp uncover a loophole in which at least 1,400 phones were routed via missed voice calls. Most recently, Citizen Lab said Pegasus spyware was used to hack 36 personal phones of Al Jazeera journalists, producers, anchors and executives.
In a brief statement to CBS News, the NSO group said it “will continue to offer intelligence and police agencies around the world technologies to save lives to fight terror and crime.”
But cybersecurity analysts who spoke to CBS News disagreed with the NSO group’s framing.
“While the company says its spyware is only available for use by authorized police groups to target terrorists and criminals, numerous questions have been raised about the veracity of this statement,” Plaggemier said. . “This should serve as a great wake-up call for device manufacturers and technology vendors in general. Zero-click threats are here and they are here to stay,” he added.
Apple, which offered an update to fix the security issue Monday, credited Citizen Lab for helping the company fix it quickly.
“Attacks like the ones described are very sophisticated, cost millions of dollars to develop, often have a short lifespan and are used to target specific people,” Ivan Krstić, head of engineering, said in a statement. and Apple Security Architecture. “While this means they are not a threat to the vast majority of our users, we continue to work tirelessly to defend all of our customers and constantly add new protections to their devices and data,” he added.
Earlier this year, Apple revealed that there are more than a billion active iPhones and more than 1.6 billion Apple devices in active use overall. While Apple says the recent vulnerability is unlikely to affect most of its customers, cybersecurity analysts say the gap is still very narrow.
“Apple intentionally tried to prevent Pegasus from running on iOS14 and the malware was still successfully exploiting software vulnerabilities,” Caroline Wong, strategy director for cybersecurity firm Cobalt, told CBS News. “The extent of this vulnerability is alarming,” he added.