Why is it important: California tech giant Apple has filed a federal lawsuit against the company responsible for deploying spyware identified in a recent security incident. In September, the University of Toronto’s Citizen Lab discovered an iPhone vulnerability that was exploited by a well-known cybersecurity / cyberwarfare company. The Pegasus developer claims that their software has helped save thousands of lives around the world and stop many crimes, but has not yet provided data to support this claim.
The lawsuit has been filed against NSO Group and parent company Q Cyber Technologies, neither of whom are new to security headlines. The Israeli company is responsible for the development and deployment of Pegasus, a mobile spy app capable of reading text messages, tracking calls, collecting passwords and tracking location on iOS and Android devices.
The lawsuit stems from Apple’s recent emergency updates, which were rolled out following the discovery of a vulnerability in their iMessages app known as Coercion… The exploit uses an artifact known as CASCADEFAIL, which prevents the complete deletion of data and evidence from the user’s phone. According to the Toronto Citizen Lab, the vulnerability was attributed to the NSO after observing that partial removal only occurred in the presence of Pegasus spyware.
According to Apple, NSO creates government-sponsored technologies used to monitor users without warning them that their data has been compromised. The litigation is aimed at recovering damages from the developer and preventing NSO from using any Apple products and services in the future. This injunction will help prevent further damage to Apple and iOS users from NSO spyware. The lawsuit follows the Ninth Circuit ruling that NSO and Q Cyber are not sovereign entities, making them vulnerable to pending Facebook review. claim…
Apple has pledged $ 10 million, in addition to any damages resulting from the lawsuit, to continue funding cyber surveillance and advocacy groups such as Citizen Lab and Amnesty tech… These advocacy organizations provide important research and data to help ensure that freedom of expression and online privacy is not harmed by digital espionage, various types of filtering, or any other technology designed to impact online human freedoms.
Image Credit: Iphone lock screen Yusef Sarhan