Apple Acknowledges Some ‘State-Sponsored Attack’ Alerts Could Be False Alarms

Apple sent 'State-Sponsored Attack' alerts to Indian opposition leaders and journalists, while also acknowledging the possibility of false alarms.

  • Apple sent ‘State-Sponsored Attack’ alerts to Indian opposition leaders and journalists.
  • The company clarified that these alerts are not tied to specific attackers due to their evolving nature and imperfect threat signals.
  • Apple is helping users activate ‘Lockdown Mode’ for enhanced security against state-sponsored threats.

For the past few days, the ‘State-Sponsored Attack’ alert has been a hot topic of discussion, as numerous opposition leaders and journalists in India have received this alert. Apple is currently providing guidance to users on how to protect themselves from these attacks. However, the company has also mentioned that there is a possibility that certain threat notifications may be false alarms.

What did Apple say?

According to the report from Firstpost, Apple stated that Threat alerts involving state-sponsored attackers targeting Indian politicians, journalists, and lawyers cannot be linked to a specific state-sponsored attacker. The company clarified that “State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete.”

“As reliable and beneficial as Apple’s threat notifications are, Apple contends that it is ‘possible that some threat notifications are false alarms, or that some attacks are not detected.‘ And there are good reasons for this.”

However, the company did not reveal any details about what caused these notifications. Apple believes that providing information about what prompts them to issue threat notifications may assist state-sponsored attackers to change their activity in the future to avoid detection.

Apple has also clarified that the notification regarding threats from state-sponsored attackers has been sent to individuals in more than 150 countries since they activated the feature upon the release of iOS 16 in 2022, and not in recent days, as certain individuals on social media are claiming.

What is the Matter?

Opposition party leaders, including members of the Trinamool Congress (Mahua Moitra) and the Congress (Shashi Tharoor and Pawan Khera), tweeted screenshots of notification warnings they had gotten on X (formerly known as Twitter). These messages stated, “Apple suspects that you are the target of state-sponsored attackers attempting to remotely compromise the iPhone associated with your Apple ID.”

What is Apple Doing to Safeguard these Users?

Apple is guiding these users by assisting them to enable the ‘Lockdown Mode’ on their iPhones. The Lockdown Mode is a strong defense for iPhone, iPad, and Mac devices, precisely designed to improve overall security and dramatically decrease the potential attack surface. Its primary goal is to protect users who are in a high-risk group and are likely to be targeted by espionage attempts conducted by nation-states or state-sponsored entities.

This innovative safeguard acts as a powerful barrier against such threats, assuring the highest level of protection for these devices. In order to enable the Lockdown Mode, users can Go to Settings > Privacy & Security > Lockdown Mode.