News Excerpt:
A few journalists and prominent opposition leaders have claimed to have received a message from Apple concerning "state-sponsored attackers who are remotely trying to compromise" their iPhones.
More about the news:
-
The notification urges the recipients to take precautions, such as turning on the "Lockdown Mode" function on their iPhones,
-
It states that it is likely the attackers are targeting them due to who they are or what they do.
Who are these “state-sponsored attackers” that Apple refers to?
-
As per Apple, attackers with state sponsorship are highly skilled and well-funded, and their strategies evolve. It's likely that not all threats are identified by Apple, or that some Apple danger alerts are false alarms.
-
Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete.
-
Government-backed attackers target particular people and their devices according to their identities or actions.
-
These kinds of attacks differ significantly from those carried out by typical cybercriminals, who often target a vast number of users to gain financially.
-
State-sponsored attacks are frequently short-lived and intended to avoid detection, and they take advantage of security holes that the general public might need to be aware of.
What does Apple advise users to do when an attack is detected?
-
Apple recommends -
-
To update the latest software versions, set a passcode, enable two-factor authentication, and use a strong password for the Apple ID.
-
Users should download apps only from the App Store
-
Use a different password for each online account
-
Avoid clicking on links or attachments from unknown sources.
-
Activate the Lockdown Mode, which is a feature introduced to protect against rare and sophisticated cyber attacks such as these.
About Lockdown Mode:
-
The device enters into a state of high security, where many usual functions will be restricted or disabled.
-
For example, you won’t be able to send or receive attachments, links, or link previews in messages, to prevent attackers from accessing your personal information.
India’s response:
-
The Indian Computer Emergency Response Team (CERT-In) has started an investigation and notified Apple, according to the national government.
PYQs
Q. In India, it is legally mandatory for which of the following to report on cyber security incidents? (UPSC 2017)
-
Service providers
-
Data centres
-
Body corporate
Select the correct answer using the codes given below:
(A) 1 only
(B) 1 and 2 only
(C) 3 only
(D) 1, 2 and 3
Q. In India, under cyber insurance for individuals, which of the following benefits are generally covered, in addition to payment for the loss of funds and other benefits? (UPSC 2020)
1) Cost of restoration of the computer system in case of malware disrupting access to one’s computer
2) Cost of a new computer if some miscreant willfully damages it, if proved so
3) Cost of hiring a specialized consultant to minimize the loss in case of cyber extortion
4) Cost of defence in the Court of Law if any third-party files a suit
Select the correct answer using the code given below:
(A) 1, 2 and 4 only
(B) 1, 3 and 4 only
(C) 2 and 4 only
(D) 1, 2, 3, and 4
Mains
Q. What are the different elements of cyber security? Keeping in view the challenges in cyber security, examine the extent to which India has successfully developed a comprehensive National Cyber Security Strategy. (UPSC 2022)
Q. Keeping in view of India’s internal security, analyse the impact of cross-border cyber-attacks. Also, discuss defensive measures against these sophisticated attacks. (UPSC 2021)