Cybersecurity Insight

iPhone Spyware Terrorizes Users

30 Aug

When it comes to spyware on mobile devices, Apple products aren’t first on the list by any means – if anything, they’re known for being practically impenetrable in comparison to their competing counterparts. In this most recent incidence of malicious cyber attacks, the NSO Group has bucked tradition and shown that even those that seem to be the strongest can be taken down a peg or two.

The NSO Group recently found a way to exploit certain security holes found in the iPhone’s iOS. It should also be noted that NSO Group deals with assisting government’s in spying on their country’s citizens. The attack starts through a spear phishing campaign, and NSO Group created almost identical pages to high-traffic websites like BBC and then filled the mock websites with malicious code to track the user without their knowledge. One user in particular received an email with a link that, had he clicked it, would have remotely cracked his iPhone through zero day exploits and installed spyware. It’s an invasive move called “Trident”, and can be used to view and hear everything from text messages to phone conversations and more.

This most recent report of spyware poses a number of reminders and lessons learned for consumers and businesses alike. One, security updates are key. It’s that simple. Updates are made available to enhance the user experience while simultaneously patching security inconsistencies that may have been recognized after the application went live. Second, even the most “impenetrable” products are vulnerable. It’s been proven with those connected to the IoT and those that are not; making a blanket assumption that a particular product is so safe it cannot be infiltrated makes the user a prime target for a cyber attack.

So, this is the solution: short term, update all your devices, iOS or otherwise. Long term, keep cyber security protection at top of mind. Zero day exploits are lethal because no one knows about them except for the attackers. Consulting a monitoring and management firm on your cyber security standing and whether your organization can improve will put you leaps and bounds beyond the competition, and increase your client’s trust in your company.