+

CERT-In launches investigation into Apple’s threat notifications

The government’s cyber security agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday. The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had […]

The government’s cyber security agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday.

The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had earlier this week said that the government wants Apple to clarify if its devices are secure and why ‘threat notifications’ were sent to people in over 150 countries, given the company’s repeated claims about its products being designed for privacy.

The government will investigate the threat notifications and also Apple’s claims of being secure and privacy-compliant devices, Chandrasekhar had penned in a post on X (formerly Twitter) on Tuesday, after several opposition leaders claimed ‘state-sponsored’ attack notification were sent to them from Apple and the government ordered a probe.

IT Minister Ashwini Vaishnaw has categorically rejected the opposition’s attack on the government, saying “compulsive critics” were indulging in the politics of “distraction”, as they could not tolerate the country’s progress under the PM’s Narendra Modi leadership. On Thursday, S Krishnan, Secretary, IT Ministry confirmed that notice has been sent to Apple.

“CERT-In has started its probe… they (Apple) will cooperate in this probe,” Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration.

Indian Computer Emergency Response Team or CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.
Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative.

Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of “state-sponsored attackers trying to remotely compromise” their iPhones and alleged hacking by the government.
Those who received such notifications included Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo and Bhupinder S Hooda; Trinamool Congress MP Mahua Moitra, CPI(M) general secretary Sitaram Yechury and SP chief Akhilesh Yadav.

Shiv Sena (UBT) MP Priyanka Chaturvedi, Aam Aadmi Party’s Raghav Chadha, AIMIM president Asaduddin Owaisi and some aides of Congress MP Rahul Gandhi also received the notification.

Yechury and Chaturvedi wrote to Prime Minister Narendra Modi, while Moitra shot off a missive to Lok Sabha Speaker Om Birla, raising concerns over the issue and demanding action.

iPhone-maker Apple Inc in a statement earlier had reacted to the claims of Opposition leaders, saying it is possible that some threat notifications may be false alarms and some attacks may not be detected. It, however, refused to say what triggered warnings received by opposition leaders.

“Apple does not attribute the threat notifications to any specific state-sponsored attacker,” the firm had said in a statement on October 31.
State-sponsored attackers, it had said, are “very well-funded and sophisticated, and their attacks evolve over time”.

“Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected,” it said.

Apple had further said: “We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future,”  The Cupertino, California-headquartered company had sent the threat notifications to individuals in nearly 150 countries.

INDIA’S DATA PROTECTION LAWS: TAKEAWAYS

Tags: