It sounds like something from a spy movie. Just as Apple was about to launch its iPhone 13 models, it was shaken by news of a powerful security vulnerability that lets hackers take over your iPhone without you knowing.
pple has now released a security fix that all iPhone owners are being urged to implement. Here is a basic explainer about what the security threat is and what to do about it.
What is this security flaw?
It is a very sneaky, powerful vulnerability that has been described as the Holy Grail of hacks by IT security professionals. Unlike scam texts and phishing emails that infect your phone when you tap or click on something, this can get into your iPhone, iPad, Mac or Apple Watch without you doing anything.
It can do things like activate your phone’s camera and microphone or access your text messages and direct messages.
It is a cyber surveillance programme that can examine almost anything on your phone at the behest of whoever is targeting you.
Who is behind this?
An Israeli company called NSO. It makes high-level surveillance software for governments and other bodies who say they want to fight terrorism and crime.
The vulnerability was discovered on the phone of a Saudi activist by an IT security company, which raised the alarm.
But why did Apple not know about this?
It is called a “zero day” exploit, meaning it is new and there was no warning about its existence. In other words, the company was ahead of Apple in its understanding of cyber security.
Is it just iPhones?
No, it is also iPads, Macs (including MacBook laptops) and Apple Watches. Android phones are also generally vulnerable to NSO hacking software, as earlier reports this year attest.
How do I fix it?
Apple put out an emergency security fix for it. On iPhones, this is called iOS 14.8 (on iPads, it is called iPadOS 14.8, while on MacBooks it is called MacOs 11.6).
If you have not already seen a push notification on your iPhone or iPad, you can get to the update by going into Settings and then General followed by Software Update. Once you tap this, you will see iOS (or iPadOS) 14.8. Downloading this will protect your iPhone (or iPad).
How long has this security vulnerability been there in iPhones?
What is the likelihood that my phone has been compromised?
Low. This software, while possibly a game-changer in how we view the safety of iPhones, is used in a very targeted way because it is very expensive to buy.
The fear would be that once the vulnerability is known, criminals will eventually gain access to knowledge of how to exploit it and damage would become more widespread.
So, it has nothing to do with me being plagued with all of those scam calls and texts in recent months?
No. That is a different problem altogether.
Could this have been what Simon Coveney was referring to when he said his phone was hacked?
We cannot be sure (neither the minister nor his departments will talk about it), but it is unlikely. Mr Coveney suggested his phone was hacked in August 2020 in a simpler type of cyber attack.