Apple is unlikely to identify which “state” sponsored an attack on the digital devices of Opposition leaders and journalists.
Sources close to the development told businessline that in general the company does not have the ability to identify the exact state which will be mounting the attack. That’s because the alert itself is based on indicative information rather than something very specific.
“State actors have much larger resources to mount an attack. It could be the use of a software that cannot be accessed or bought by individuals and organisations, or it could be the large amount of computing power used for the attack which points to a state’s involvement,” the source said.
“A state can purchase a software or spyware which when used on Apple devices triggers the threat detection checks placed within Apple’s infrastructure. This then goes through human review and the subsequent threat notification is sent out to the affected parties,” said an industry source.
It is the complexity and the severity of the cyber-attack that points to it being an attack mounted by a country, as Mishi Choudhary, former Legal Director at Software Freedom Law Centre explained to businessline, “This is not malware, or a regular run of the mill breach. Apple sends out these notifications to people when it suspects that there is some very powerful attack happening, and they always say they are state-sponsored attacks, because countries have very different kinds of resources behind them.”
Pegasus-like attack
Given the nature of these targets, there is a reason to believe that this can be a Pegasus-like attack mounted against the leaders of the opposition.
“The Indian government has the most reasons to mount a spyware attack against the leaders of the opposition,” internet activist Srinivas Kodali said, “an enemy state has more reasons to spy on the devices of Indian ministers of the ruling party and not the opposition. However, the Centre is justified in asking Apple about the basis on which it is making the claims and issuing threat notifications in this context,” Kodali added.
Experts said the Centre’s investigation into the alert issued by Apple could end up just like the WhatsApp-Pegasus snooping incident where the case was closed due to lack of evidence.
On Tuesday, several political leaders, including Congress’ Shashi Tharoor, Aam Aadmi Party’s Raghav Chadha, Shiv Sena’s Priyanka Chaturvedi, and Trinamool Congress’ Mahua Moitra, claimed that they received an alert from Apple that stated that the State-sponsored attacker may be able to remotely access sensitive data, communications, or even the camera and microphone of their iPhones.