June 22, 2023

Apple patches zero-day vulnerabilities after espionage collusion accusations

Source: CyberScoop

Summary

On June 1, Russia's Ministry of Foreign Affairs and Federal Security Service (FSB) accused Apple of colluding with the US National Security Agency (NSA) to compromise thousands of iPhones belonging to users in Russia and associated with foreign embassies in Moscow.

Three weeks after the accusations, Apple released an emergency patch to address two zero-day vulnerabilities, CVE-2023-32434 and CVE-2023-32435, that could allow an attacker to take over Apple devices. The vulnerabilities were identified by Russia-based cybersecurity firm Kaspersky while it was investigating a previously unknown mobile advanced persistent threat (APT) campaign targeting iOS devices on its own network.

In response to the accusation, an Apple spokesperson said, “We have never worked with any government to insert a backdoor into any Apple product and never will.”

Analysis

The accusation of collusion between Apple and the NSA is usual rhetoric from Russia as it seeks to cast a negative light on both Western technology companies and intelligence services. Similarly, Kaspersky has faced allegations that it allowed the FSB to use its software to scan computers worldwide for materials of interest. The alleged victims of the campaign would align with current US intelligence requirements; however, that is the extent of the available evidence to suggest US intelligence services were behind this specific campaign.

Apple prides itself on its policy to never undermine the security features of its products. Famously, Apple cited this policy in 2015 when it refused to alter iOS code to enable the FBI to access the phone used by San Bernardino mass killer Syed Rizwan Farook, despite the phone belonging to San Bernardino County.

If it were proven that Apple intentionally left backdoors in its devices to allow US espionage, the reputational damage would be severe, perhaps unrecoverable. It’s more likely that Apple was completely unaware of these vulnerabilities until they were responsibly reported by Kaspersky, after which Apple developed and released patches as soon as possible.

Mitigation

Field Effect’s elite team of Security Intelligence professionals constantly monitors the cyber threat landscape for vulnerabilities discovered in software such as Apple’s iOS. This research contributes to the timely deployment of signatures into Covalence to detect and mitigate the exploitation of these vulnerabilities. Covalence users are automatically notified when vulnerable software is detected in their environment and are encouraged to review these AROs as quickly as possible.

Field Effect strongly encourages users of Apple devices to update to the latest version of iOS as soon as possible.
