Apple has filed a lawsuit against NSO Group, the company responsible for the Pegasus spyware that has generated so much controversy in various countries. Likewise, those of Cupertino seek that said surveillance tool be permanently prohibited in “any software, service or Apple device”, they mention in their release. Apple emphasizes that, although the number of affected is very small in iOS, the abusive actions of NSO cannot be tolerated.

“NSO Group creates sophisticated state-sponsored surveillance technology that enables its spyware to keep an eye on its victims. These attacks only target a very small number of users and affect people on multiple platforms, including iOS and Android. Investigators and journalists have publicly documented a history of spyware abuse to target journalists, activists, dissidents, academics, and government officials. “ Manzana

Craig Federighi, Apple’s vice president of Software Engineering, also pointed to the “state-sponsored players,” who have previously been shown to be the NSO Group’s top customers: “They spend millions of dollars on sophisticated surveillance technologies without accountability”.

The manager acknowledges that, although Apple has “the most secure devices on the market”, there are private sector companies specializing in the development of spyware that are getting more dangerous. Also, the fact that only a small percentage of iOS users have been harmed does not mean that the company will ignore it:

“While these cybersecurity threats only affect a very small number of our customers, we take any attacks on our users very seriously and constantly work to strengthen security and privacy protections in iOS to keep all of our users safe.” Craig Federighi

iOS 15 is safe against Pegasus

In the legal document, Apple explains how NSO Group took advantage of a vulnerability in iOS – which has already been fixed through an update – to exercise its espionage practices. Thanks to Pegasus, which infected the victim by sending malicious data with the help of an Apple ID, it was possible to access the microphone, camera and private data stored on iOS and Android devices. However, Apple ensures that its servers were not affected at any time.

iOS 15 includes a number of new protections to ensure that Pegasus cannot meet its objective. “We have not observed any evidence of successful remote attacks against devices running iOS 15 and later versions,” they add. For this reason, they encourage all users to always keep their devices updated to the latest version.

Ivan Krstić, Director of Security Engineering at Apple, is quite clear about the message they intend to send with the lawsuit: “In a free society, it is unacceptable weaponize powerful state-sponsored spyware against those who seek to make the world a better place, “he added:

“Our threat intelligence and engineering teams work around the clock to analyze new threats, quickly patch vulnerabilities, and develop new industry-leading protections on our software and silicon. [chips]. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like the NSO Group. “ Ivan Krstić

Apple to support cybersecurity companies

Finally, Apple announced that contribute $ 10 million to organizations whose mission is to investigate and defend cyber surveillance. Among them are, for example, Citizen Lab, which precisely discovered the vulnerability of iOS. “Apple will also support Citizen Lab’s expert investigators with technical assistance, threat intelligence and free engineering to aid in their independent investigative mission and, where appropriate, will offer the same assistance to other organizations doing critical work in this sector. . “