Apple has issued threat notifications to prominent public figures in India, warning that their iPhones may have been targeted by state-sponsored attackers. Indian politicians and journalists, including Rahul Gandhi, Shashi Tharoor, and Siddharth Varadarajan, were among those alerted by Apple about potential state-sponsored cyberattacks on their devices.
Threat notification sent out to victims. Source: Priyanka Chaturvedi (@priyankac19)
Since November 2021, Apple has been issuing threat notifications to users potentially targeted by state-sponsored attacks. These notifications, sent to phone numbers and emails linked to the user’s Apple ID, warn that attackers could access private data on the device, and even remotely activate the device’s camera or microphone. In the notification, Apple recommended updating to the latest iOS version and enabling Lockdown Mode.
In communications with TechCrunch, Apple has stated that it had not “attributed the threat notifications to any specific state-sponsored attacker.” However, reports suggest that India has previously engaged in deploying spyware. Notably, the country has faced allegations of using the Pegasus spyware against journalists inside India. The New York Times reported that India had secured the Pegasus spyware from Israel as part of a defense agreement. In response to significant international scrutiny and the addition of NSO Group, the developer of Pegasus, to the U.S. Commerce Department’s Entity List, India has reportedly been seeking alternatives.
You can view the complete list of identified victims in the Twitter thread compiled by @akhmxt1.
Government response
Ashwini Vaishnaw, the Minister for Railways, Communications, Electronics & Information Technology, addressed the threat notifications in a Twitter response, seemingly downplaying the alert. Citing Apple’s vague statement and the possibility of false alarms, the minister has urged Apple to collaborate in the investigation and furnish clear and precise details about the alleged state-sponsored attacks:
We are concerned by the statements we have seen in media from some MPs as well as others about a notification received by them from Apple. The notification received by them as per media reports mentions about ‘state-sponsored attacks’ on their devices.
However much of information by Apple on this issue seems vague and non-specific in nature. Apple states these notifications maybe based on information which is ‘incomplete or imperfect’. It also states that some Apple threat notifications maybe false alarms or some attacks are not detected.
Apple has also claimed that Apple IDs are securely encrypted on devices, making it extremely difficult to access or identify them without the user’s explicit permission. This encryption safeguards the user’s Apple ID and ensures that it remains private and protected.
The Government of Bharat takes its role of protecting the privacy and security of all citizens very seriously and will investigate to get to the bottom of these notifications.
In light of such information and widespread speculation, we have also asked Apple to join the investigation with real, accurate information on the alleged state sponsored attacks.
Further Reading
About Apple threat notifications and protecting against state-sponsored attacks
Apple warns Indian opposition leaders of state-sponsored iPhone attacks