Apple has taken significant steps to enhance the security of its devices by releasing updates for iOS and iPadOS. This move comes in the wake of reports highlighting the use of forensic tools like Cellebrite to unlock and access data on iPhones and iPads. The updates, labeled iOS 18.3.1 and iPadOS 18.3.1, address a critical flaw that may have been exploited in highly advanced attacks targeting specific individuals.
“may have been exploited in an extremely sophisticated attack against specific targeted individuals.” – Apple
The vulnerability, uncovered by Bill Marczak, a senior researcher at the Citizen Lab, allowed attackers to disable USB Restricted Mode on locked devices. USB Restricted Mode is a security feature that blocks data transfer over a USB connection if a device hasn’t been unlocked for seven days. This loophole potentially facilitated unauthorized access to device data by circumventing this security layer.
Forensic Tools Used to Unlock Devices of Activists and Journalists
Amnesty International has released a report documenting these attacks, indicating that Serbian authorities employed Cellebrite forensic tools to unlock phones belonging to activists and journalists. Cellebrite is widely known as a powerful forensic tool used globally to access data on locked devices, raising concerns about privacy and civil liberties.
In response to these reports, Apple introduced an additional security measure: a feature that reboots devices if they are not unlocked for 72 hours. This enhancement aims to further safeguard user data against unauthorized access. Despite the gravity of the situation, Apple did not respond to requests for comment by press time.
The attacks appear to have been carried out with physical control of the targeted devices, likely using tools such as Cellebrite or Graykey to bypass security protocols. Amnesty International expressed concern over the widespread use of these forensic devices on individuals within civil society, emphasizing the potential for misuse by authorities.
The updates released by Apple aim to close the vulnerability and bolster device security. While these measures represent significant progress, they also underscore the ongoing challenges tech companies face in protecting user data from sophisticated threats.
What The Author Thinks
Apple’s proactive approach to addressing security vulnerabilities is commendable, especially in light of the sophisticated attacks targeting high-risk individuals. The company’s introduction of additional security measures, such as the 72-hour reboot feature, demonstrates a clear commitment to protecting user data. However, this incident highlights the persistent challenges that tech companies face in defending against advanced forensic tools like Cellebrite. As these tools become more accessible, companies must remain vigilant and continue to evolve their security protocols to safeguard privacy and civil liberties.
Featured image credit: Wikimedia Commons
Follow us for more breaking news on DMR