The planet’s two largest mobile tech platforms, Apple and Google (Alphabet) have combined to blare a massive global alarm — blasting out fresh hyperlocal hazard warnings as another wave of novel coronavirus infections break out across more than 150 countries. The unusual warnings itself serve to underscore that advanced, narrowly focused computer-intrusion operations — many suspected of being tied to state agencies and the shadowy world of commercial espionage software — are not only ongoing but are extending their reach on a striking global scale.
This double warning, just days apart in early December, highlights the grim reality that advanced digital surveillance tools are now part of a standard tool kit of espionage, employed against individuals whose work or public profile makes them a valuable asset — or threat — to powerful interests.
The Targets: Whom Will They Target?
These are not your — Writte (genauer und abgefangen): These alerts aren’t mass spam warnings; they’re incredibly specific supply notifications that go straight to the users whose machines indicate solid evidence of being directly singled out for advanced intrusions. Although Apple and Google do not specify which specific users are being targeted to protect their identities, historical information from comparable warnings suggests that the victims generally come from high-risk groups:
- Reporters and Media Workers: Reporters covering corruption, human rights or political opposition.
- Human Rights Activists: Those who act against repressive governments or in defense of civil society.
- Dissidents and political opponents: Anything that engages in a higher level of politics.
- Top Ranking Diplomats and Senior Government Officials: Loot valued for access to the latest sensitive communication and intelligence.
Apple also said that, overall, it has notified users in more than 150 countries since its threat alerts program began. These sorts of attacks usually depend on costly, high-powered tools such as “zero-click” exploits that can compromise a phone without the user’s even having to tap on a malicious link.
Google Flags the Mercenary Threat
Google’s alert at least gave the revamped digital battlefield a face: the nefarious surveillance-technology seller, Intellexa.
Intellexa’s Predator Spyware: Google’s Threat Intelligence Group (GTIG) said it informed several hundred different accounts across multiple countries—including in Pakistan, Kazakhstan, Egypt and Saudi Arabia—that had been targeted using spyware linked to Intellexa.
Eluding Sanctions: Most critical, Google noted that Intellexa, a company sanctioned by the American government, is “evading restrictions and thriving,” overhauling operations and still marketing digital weapons — including the powerful Predator spyware — to any bidder other than ethics. It shows the formidable obstacles that regulators confront when trying to rein in the global commercial spyware trade, which maintains a market of state surveillance tools and conduct invasive, silent spying.
The Power of the Alert System
For those who are targeted, a threat notification from Apple or Google is nothing reassuring, but it represents an important early warning. Cybersecurity experts consider these alerts to be among the most effective responses available right now to such sophisticated espionage.
Simply letting a victim know may be enough to derail an entire surveillance operation, pushing the attackers to have to start their collection all over again or wasting months of effort and money. In addition, such public warnings often set the sponsors off on a chain of investigation, leading to political inquiries (as occurred earlier in the European Union after similar targeting of senior officials) and regulatory review that can introduce some real accountability for the abuses involving spyware.
The latest warnings by Apple and Google are a chilling reminder that the geopolitical struggles of the 21st century play out not just in diplomatic clashes and trade disputes, but also on individual computer screens and in the ultra-secure chips hidden inside our electronic devices.
If you’ve gotten a threat notice, the immediate suggested remediation from both companies is to update your device software at once and enable two-factor authentication on all accounts, in addition to changing your passwords.
