What To Do If You Get Apple Alert On ‘State-Sponsored’ Attack Like Mahua Moitra, Others Did

Prominent Indian Parliamentarians including Mahua Moitra, Shashi Tharoor, Priyanka Chaturvedi, and Asaduddin Owaisi, on Tuesday tweeted regarding official notifications they received on their iPhone devices. These notifications indicated the possibility of “state-sponsored attackers” potentially targeting their mobile devices. 

While this revelation has created an understandable buzz among iOS users, it’s worth noting that Apple indeed has a dedicated notification system to safeguard and assist users who may find themselves at risk from state-sponsored cyber threats.

According to Apple, certain individuals are identified as targets due to their unique identities or professional roles. The Cupertino company further clarified that unlike typical cyberattacks, “state-sponsored attackers” allocate significant resources to focus on a specific, limited group of targets and their associated devices. This high level of precision makes these attacks significantly more challenging to detect and thwart.

However, Apple also clarified that in some instances, these notifications may turn out to be “false alarms.” The company points out that the detection of such attacks relies on threat intelligence signals, which can be imperfect and incomplete. It is possible that certain Apple threat notifications may not accurately reflect a genuine threat, or that some attacks go undetected. 

The iPhone maker remains tight-lipped on why or how it issues threat notifications. Apple’s support page clarifies, “We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future.”

It’s essential to underline that Apple’s threat notifications will never prompt users to engage in activities such as clicking on links, opening files, installing applications or profiles, or disclosing Apple ID credentials via email or phone.

For users seeking to authenticate an Apple threat notification, they are advised to log in to appleid.apple.com. A legitimate notification will be prominently displayed at the top of the page for verification.

In case you also receive such a notification, here’s what you can do: 

• Ensure that devices are regularly updated with the latest software, including security fixes.
• Protect devices with a secure passcode.
• Enable two-factor authentication and maintain a strong password for Apple ID.
• Download apps exclusively from the official App Store.
• Employ strong and unique passwords for online accounts.
• Avoid clicking on links or opening attachments from unknown senders.

By staying vigilant and following these security recommendations, individuals can enhance their protection against cyber threats and malicious activity.