Tracking the Apple of big brother's eye

Warnings by Apple to a handful of opposition leaders and others that their iPhones could be targets of 'state-sponsored attacks' have caused a stir with the government seeking a probe into the vague threats with assistance from the tech giant. Such assistance could be hard to come by. Apple's threat notifications are not attributed to any source because it can't be sure whether these are false alarms or others have gone undetected. The company issued a security update within days of the release of iOS 17 to what is being seen as an attempt to limit risk from the Predator spyware, detected on the phone of an Egyptian presidential candidate. Such a response is not uncommon. Google patched two security gaps within weeks of each other in September. The sheer pace of the cybersecurity industry requires countermeasures before identification of perpetrators.

The Pegasus spyware has been alleged to have been found on phones of some Indian politicians and journalists, which makes the alarm bells go louder with Apple's latest warning. GoI has not acknowledged any dealings with NSO, the Israeli company that made Pegasus, and a technical committee set up by the Supreme Court could not confirm its use. India's surveillance laws have an absolute ban on hacking. India has cybersecurity agreements with the US, which blacklists companies like NSO, and with Israel.

Technology companies are also flagging heightened security risks from Indian antitrust action that seeks to unbundle software and hardware. Vulnerabilities to malware are appearing in areas opening up for third-party developers. This renders the cybersecurity environment more vulnerable to attacks, particularly from targeted ones by state actors harder to detect. Cybersecurity requires continually evolving engagement between lawmakers and the tech industry. This requires harmonised regulatory structures across jurisdictions.