June 12, 2024

Lukmaan IAS

A Blog for IAS Examination

MALWARE MALICE: ON THE APPLE CYBERATTACK ALERT

image_printPrint

THE CONTEXT:  Over a dozen Opposition leaders and journalists received email alerts from U.S.-based tech giant Apple that their devices were targeted by “state-sponsored attackers”

MORE ON THE NEWS:

  • Over a dozen Opposition leaders and journalists received email alerts from U.S.-based tech giant Apple on 31stOctober night, informing them that their digital devices were being targeted by “state-sponsored attackers”.
  • These alerts come a year after a Supreme Court-appointed committee of experts found no conclusive evidence of the spyware on the 29 phones that it had examined.
  • In July 2021, a reporters’ consortium, the Pegasus Project, found that at least 40 journalists, cabinet Ministers and other officials in India were possibly subject to surveillance using Pegasus software

STATE SPONSORED ATTACKERS:

  • As per Apple:
    • State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time.
    • State-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices.
    • State-sponsored attacks are highly complex, cost millions of dollars to develop and often have a short shelf life.
    • It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected.
    • The company clarified that the alerts sent now did not accuse a “specific state actor”. it also said that it would not be able to disclose how the targets were discovered but reiterated that the alerts had to be taken seriously.

ABOUT PEGASUS:

  • It is developed by the Israeli cyber-arms company NSO Group
  • Pegasus is a spyware that can infiltrate a mobile phone and gather personal information and can control the phone’s microphones and cameras without the user’s knowledge or permission.
  • The spyware is designed to bypass detection and mask its activity.
  • It is a type of malicious software.

THREAT FROM PEGASUS SOFTWARE:

  • Pegasus can gather information stored on the phone, such as photos and contacts, and activate the phone’s camera and microphone without the owner’s knowledge.
  • Researchers had found that spyware software such as Pegasus had targeted iPhones and the operating system iOS as early as 2016, and Apple had come up with updates to fix Pegasus exploits, besides going on to sue NSO.

RECENT STEPS TAKEN IN INDIA:

  • Cyber Surakshit Bharat Initiative:It was launched in 2018. The purpose of the program is to spread awareness, build capacity as well as enable Government departments on steps that need to be taken to create a cyber resilient eco system.
  • National Cyber security Coordination Centre (NCCC):It was developed in 2017 to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
  • Cyber Swachhta Kendra:In 2017, this platform was introduced for internet users to create a secure cyber space by detecting botnet infections in India and to notify, enable cleaning and securing systems of end users so as to prevent further infection.
  • Indian Cyber Crime Coordination Centre (I4C):It was inaugurated by the government in 2020. I4C is envisaged to act as the nodal point to curb Cybercrime in the
  • Computer Emergency Response Team – India (CERT-IN):It is the nodal agency. CERT-IN is responsible for coordinating the response to cybersecurity incidents in India.

THE WAY FORWARD:

  • Strong Legal Frameworks: Governments need to enact and enforce comprehensive laws that explicitly address digital surveillance, data breaches, and privacy violations.
  • Cybersecurity Measures: Strengthening cybersecurity defense is crucial to prevent unauthorized access to devices and systems.
  • International Cooperation:Since spyware attacks often cross-national borders, international collaboration is vital. Governments and law enforcement agencies should work together to combat cybercrime and address surveillance-related challenges.
  • End-to-End Encryption: Emphasizing and implementing strong end-to-end encryption for communication platforms can prevent unauthorized interception of messages and data.

CONCLUSION:

The government must come clean on its dealings with NSO, and its use of software provided by such agencies and also emulate steps taken by other governments in proscribing such entities.

PREVIOUS YEAR QUESTION:

Q) Discuss different types of cybercrimes and measures required to be taken to fight the menace. (2020)

MAINS PRACTICE QUESTION:

Q) “ The challenges posed by technological surveillance to rule of law and privacy are serious enough to undermine democracy”, What do you understand by the statement? Explain in the context of recent developments.

Source: https://www.thehindu.com/opinion/editorial/malware-malice-on-the-apple-cyberattack-alert/article67485865.ece

Spread the Word