Israel’s NSO Group is a significant digital surveillance contractor that is under international criticism for selling tech-based spying programs to authoritarian governments throughout the world. These programs have been used to target journalists, human rights activists and even political leaders, without their knowledge or consent. In the latest iteration of their exploits, last year The Citizen Lab reported that the NSO Group targeted the Apple devices of human rights workers, using “zero-click” exploits that did not need any interaction or even a link to be clicked for the hack to take effect.
Fortunately, Apple had released its Lockdown Mode back in Fall 2020 that prevented some of these attacks. Lockdown Mode acts as an “extreme, optional level of security” as it verifies incoming messages, requests, and attachments and blocks them before they can access and breach the user’s device. Such successful thwarting of NSO’s techniques may be seen as a positive, though the number of users who actually employ the Lockdown Mode may never be known, As Bill Marczak of Citizen Lab noted, its success against the infiltration “shows that it is a powerful mitigation”, but attackers may naturally look towards third-party apps which lack such features and protections.
The NSO Group has been trying to address claims that their technology has been used unethically. They argue that their tools are only used by government authorities for fighting crime and terror, but have remained largely silent about the targeted exploitation of human rights workers. Apple spokespeople responded to the incident by saying that the vulnerability only afflicted a few customers, and that Apple had rapidly issued patches to address them. They also noted that Lockdown Mode alerted the users of the danger before the attack was even known to both Apple and the security experts.
The recent revelations from The Citizen Lab tell one thing: that there is still a need for caution and strong security measures when using technology. NSO Group continues to search for ways to exploit devices, so a combination of common sense – for example in avoiding suspicious contacts – and software-based protection – such as Apple’s Lockdown Mode – are key to protecting yourself.
