Over the weekend, a report from Amnesty International detailed targeted attacks on human rights activists, lawyers, and journalists using Apple’s iMessage system.
In a statement provided to the Washington Post, Apple defended its security practices and said it leads the industry in security innovation.
Amnesty International’s report detailed that the Israeli company NSO Group has sold several attacks known as ‘Pegasus’ over the years, adapting as Apple corrected each security flaw.
Amnesty International now believes the Pegasus spyware is taking advantage of an iMessage flaw affecting iPhone and iPad devices running iOS 14.6. The exploit also appears to work successfully on iPhones running iOS 14.3 and iOS 14.4.
Today’s Washington Post report includes a comment from Ivan Krstić, Apple’s head of Security Engineering and Architecture.
Krstić says that:
Apple unequivocally condemns cyber attacks against journalists, human rights activists, and others seeking to make the world a better place.
For more than a decade, Apple has led the industry in security innovation, and as a result, security researchers agree that the iPhone is the most secure consumer mobile device on the market.
Attacks such as those described are highly sophisticated, cost millions of dollars to develop, are often short-lived, and are used to target specific individuals. While this means they are not a threat to the vast majority of our users, we continue to work tirelessly to defend all of our customers by constantly adding new protections for their devices and data.
As Krstic points out, attacks such as those detailed by the Amnesty International report are incredibly sophisticated and not a threat to the “vast majority” of iPhone users. Despite this, of course, they pose a risk to those who are potential targets of these attacks.