Following a growing list of troubling reports about the Israeli group NSO in recent years, Apple announced Tuesday that it has filed a lawsuit against the company for its "surveillance and targeting of Apple users." For years, NSO Group has been selling its Pegasus spyware to governments who use it to monitor journalists, activists, academics, and more. With Pegasus, authoritarian governments have been able to remotely access data on iPhone and Android devices.

Apple sues NSO Group over Pegasus spyware

The notch on Apple's iPhone 13 next to the notch on the iPhone 12. Image source: Christian de Looper for .

In a press release this week, Apple revealed that it would provide new information about NSO Group's FORCEDENTRY exploit. That exploit took advantage of a vulnerability that allowed criminals to hack a victim's iPhone and install Pegasus. Citizen Lab discovered the exploit for the first time last year. Apple has since patched the vulnerability, but not before Pegasus was used to attack Apple users.

As Apple points out, NSO Group used the resources of entire countries to carry out targeted cyberattacks. They were able to access cameras, microphones, and sensitive data on Apple and Android devices. To use FORCEDENTRY, the attackers created Apple IDs to send malicious data to the iPhone. of the victim. This allowed whoever was behind the hack to install Pegasus without the victim's knowledge. Apple says the attackers were unable to hack or compromise its servers.

Apple Senior Vice President of Software Engineering Craig Federighi shared this statement:

State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change. Apple devices are the most secure consumer hardware on the market, but private companies that develop spyware sponsored by the state have become even more dangerous. While these cybersecurity threats only affect a very small number of our customers, we take any attack on our users very seriously and are constantly working to strengthen security and privacy protections at iOS to keep all our users safe.

How Apple and others respond

The company also took the opportunity to talk about the security improvements in iOS 15. Apple says that while Pegasus spyware continues to evolve, it hasn't seen any signs of successful remote attacks on devices running iOS 15 or later. there's no nation-state looking to hack your phone's camera. But it's one more reminder to keep your software up to date.

Apple says it will notify any users who may have been targeted by FORCEDENTRY. Going forward, Apple plans to notify users whenever it discovers evidence of a state-sponsored spyware attack.

“At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we are taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Ivan Krstić, director of Security Engineering at Apple. and Architecture. “Our threat intelligence and engineering teams work around the clock to analyze new threats, quickly patch vulnerabilities, and develop new industry-leading protections in our software and silicon. Apple runs one of the security engineering operations sophisticated in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”

Apple's announcement fell just weeks after the US government added NSO Group to the list of entities. The government adds companies that pose a risk to national security or foreign policy interests to the list. targeting journalists and activists, NSO Group clearly qualifies for the list.