One would think that people are mostly at risk of cyber attacks by hackers and cyber criminals. However, a surprising TechCrunch report also indicates the possibility of the government involvement in some cases of these attacks. Apple today issued an update to iOS called 9.3.5 which reportedly addresses such spyware attacks by agencies and government on citizens working against them.
The issue came in light when an award-winning activist in the UAE named Ahmed Mansoor received suspicious text messages promising to give secret information. Since he had received fraudulent messages earlier also, he reported those messages to Canadian security research organisation Citizen Lab.
The subsequent investigation by Citizen Lab indicated a serious security breach involving three zero-day attacks. These involve execution of an arbitrary code through WebKit, gaining kernel access, and then executing code within the kernel.
Usually, even a single zero-day attack is rare and dangerous and hardly anyone has heard of three simultaneous attacks. These three attacks, named Trident, could have resulted into a one-step jailbreak of the phone. It would give access to all phone data and communication in the absence of any security patch.
The team sent these exploits to Apple which has now issued an update to fix them. It also said in a statement,
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”
On further investigation, the security team found that Trident would have resulted into a malware called Pegasus. It is a commercial spyware tool made by Israel-based cyber security company NSO Group.
What is shocking is that in the past also, the name of NSO Group emerged in cases of attacks against citizens working in opposition to the governments.
For example, a malware, bearing NSO mark, had targeted a Mexican journalist named Rafael Cabrera. He was working on a story that potentially discredited the country’s president. Similarly, NSO also emerged in an investigation of an attack called Stealth Falcon in the UAE.
Through these circumstantial evidences, Citizen Lab has hinted at a possibility of NSO providing governments with highly sophisticated intrusion softwares. And governments are apparently using these softwares for spying on citizens as well in addition to terrorists and spies.
Citizen Lab said in a statement,
“Citizen Lab and others have repeatedly demonstrated that advanced “lawful intercept” spyware enables some governments and agencies, especially those operating without strong oversight, to target and harass journalists, activists and human rights workers. If spyware companies are unwilling to recognize the role that their products play in undermining human rights, or address these urgent concerns, they will continue to strengthen the case for further intervention by governments and other stakeholders.”