We commend Apple for standing up so forcefully against governmental-sponsored spyware attacks. To date, they are directly reaching out to people they think were targeted. The tech giant’s early warnings have now touched the lives of citizens in 98 countries. From warning users to searching for the threat, including widely known mercenary spyware such as NSO Group’s Pegasus and Paragon’s Graphite tools. This campaign has one goal, helping to bring awareness and provide resources to victims across the globe.
Most recently, Apple’s 64th notification spotlighted how engaging with these digital rights organizations can help. The company in turn suggested that we reach out to AccessNow, who runs a 24/7 helpline, staffed with researchers who can help investigate spyware incidents. This support has been critical for security researchers in documenting these abuses in countries such as India, El Salvador, and Thailand.
Lorenzo Franceschi-Bicchierai, TechCrunch Senior Writer and our second panelist, highlighted the global context of Apple’s notifications. Franceschi-Bicchierai reports that Apple has been key communicating with victims of these attacks. The tech company has played a critical role in expanding our knowledge of spyware’s widespread reach.
Amir Rashidi is the director of digital rights and security at Miaan Group. What’s more, he believes that the Iranian regime may be behind many of these attacks. He noted that two of the men in Iran come from a family famous in that country for its political activism against the Islamic Republic. Sadly, numerous relatives have been executed for their convictions. Yet their history and legacy make them all the more suspicious, given the context of who was suspected to have orchestrated the attacks.
“I see no reason for members of civil society to be targeted by anyone other than Iran.” – Amir Rashidi
Kashfi, for his part—founder of the security and training firm DarkCell—has worked in helping victims of breaches through the first forensic steps. He admitted the difficulty in tracing dubious spyware back to exact sources.
“Pretty much all victims spooked out and ghosted us as soon as we explained the seriousness of the case to them. I presume partly because of their place of work and sensitivity of the matters related to that.” – Kashfi
The alerts Apple rolled out in 2024 are a landmark move to shield users from advanced surveillance techniques. Their safety and privacy fears have kept numerous victims from speaking with cybersecurity professionals, chilling their interaction with technical experts.
Rashidi further explained just how massive an attack like this could be. He argues that civil society actors have fended off three back-to-back onslaughts. Now he’s worried that these types of incidents are happening every day.
“I believe there have been three waves of attacks, and we have only seen the tip of the iceberg.” – Amir Rashidi
The insidious problem of government-sponsored spyware still threatens the safety of activists, journalists, human rights defenders, and countless others every day around the globe. Apple’s notifications are a powerful reminder of these risks. They equip civil society actors to hold violators accountable and advocate for remedies, and raise visibility of these violations at a time when they’re gravely underreported.
