Business Standard

Govt orders 'technical' probe as Opposition cites iPhone hacking alert

According to Apple's support page, alert notifications are sent to particular users when they are individually targeted because of who they are or what they do

Ashwini Vaishnaw, Union minister of communications & IT

Ashwini Vaishnaw, Union minister of communications & IT

Sourabh LeleArchis Mohan New Delhi
In a development reminiscent of the controversy over the Pegasus spyware case in 2021, several Opposition leaders claimed on Tuesday that they had received an alert from Apple warning them that “State-sponsored attackers” were “trying to remotely compromise” their iPhones.

They alleged hacking by the government, prompting Union Communications and Information Technology (IT) Minister Ashwini Vaishnaw to assure a thorough probe to get to the root of the issue.
 
In response to the alert, Vaishnaw posted his reaction on X, stating that much of the information provided by Apple on the issue “seems vague and non-specific in nature”.
 

He mentioned that the government has “asked Apple to join the investigation with real, accurate information on the alleged State-sponsored attacks”. Later, speaking to the media in Bhopal, he added that it would be a very “technical kind of investigation” and would be taken up by CERT-In (Computer Emergency Response Team-India), the national nodal agency for responding to computer security incidents.

However, the minister termed the Opposition’s attack on the government as the work of “compulsive critics” who were indulging in the politics of “distraction” because they could not tolerate the country’s progress under the prime minister’s (PM’s) leadership.

Minister of State for IT Rajeev Chandrasekhar stated that similar “threat notifications” were sent to people in over 150 countries by Apple.

Those who received Apple’s notifications included Congress President Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo, and Bhupinder S Hooda, as well as Trinamool Congress Member of Parliament (MP) Mahua Moitra, Communist Party of India (Marxist) General Secretary Sitaram Yechury, and Samajwadi Party chief Akhilesh Yadav.

Others who claimed they had received Apple’s notifications included Shiv Sena (UBT) MP Priyanka Chaturvedi, Aam Aadmi Party’s Raghav Chadha, All India Majlis-e-Ittehadul Muslimeen President Asaduddin Owaisi, some aides of Congress MP Rahul Gandhi, think tank Observer Research Foundation President Samir Saran, and an Officer on Special Duty with Delhi Chief Minister Kejriwal.

In his letter to the PM, Yechury expressed concern that remote access to his mobile phone may be used for “planting” information on his device, which could be used to “incriminate” him.

Raising the issue at a press conference in New Delhi, Rahul claimed that people in his office, several parties, and other Opposition leaders had received a warning. He suggested that it was part of the government’s “distraction politics” related to the Adani issue.

“The hierarchy in the country is as follows: No. 1, Adani; No. 2, PM Modi; and No. 3, Amit Shah... Modi’s soul is with Adani. The truth is that power is in the hands of someone else. As soon as Adani is touched, intelligence agencies are deployed for snooping,” he said.

At an event in Lucknow, Akhilesh said, “It is a matter of regret that in a democracy, freedom and privacy are being harmed.”

An email from Apple, which Tharoor shared on X, stated that the attackers were possibly picking on them individually because of “who you are or what you do”.

Apple warned the politicians that if their devices were compromised by a State-sponsored attacker, these attackers might be able to remotely access their sensitive data, communications, or even the camera and microphone.

The email Tharoor shared contained a warning from Apple: “While it’s possible that this is a false alarm, please take this warning seriously.” The contents of the email are similar to the technology giant’s statement on its website, posted on August 23.

Unlike traditional cybercriminals, Apple warned that State-sponsored attackers apply exceptional resources to target a minuscule number of specific individuals and their devices, making these attacks much harder to detect and prevent.

“State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life,” as stated on its website. However, the company does not provide any information about what triggers the issuance of threat notifications, as revealing this information may help State-sponsored attackers adapt their behaviour to evade detection in the future.

Since the rollout of the feature, such notifications have reportedly been sent to individuals in nearly 150 countries.

With unique security and privacy architecture, as well as ID encryption features to enable remote wipe of user data in the case of device theft or loss, Apple products have been considered the most secure in the market.

Launched in 2021, Apple threat notifications are designed to inform and assist users who may have been targeted by State-sponsored attackers.

Concerns over the privacy of data stored in digital form have long been debated in India. The country’s much-awaited data privacy law, the Digital Personal Data Protection Act of 2023, was enacted by the government in August this year. The law prescribes penalties of up to ~250 crore for each instance of a data breach and the blocking of entities not complying with the law after two instances of penalties. However, it has yet to be enforced in the absence of rules that will define the exact processes.


Screenshot

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Oct 31 2023 | 6:58 PM IST

Explore News