Apple Collaborates with Nonprofits to Combat Spyware Attacks • iPhone in Canada Blog

Ahead of the election, U.S. Vice President Kamala Harris’s campaign team faced a cybersecurity scare. Two campaign staffers’ iPhones displayed anomalies. Despite reaching out for assistance, Apple declined to conduct a forensic analysis.

Instead, the tech giant adhered to its established procedure of referring potential spyware victims to specialized nonprofits for support (via TechCrunch). This approach highlights Apple’s ongoing efforts to address spyware threats without delving into direct forensic investigations.

When Apple identifies potential spyware activity, it issues “threat notifications” to affected users. These notifications recommend steps such as updating iOS software, enabling Lockdown Mode, and contacting organizations like Access Now, a nonprofit offering digital security assistance.

Apple’s notifications are clear and urgent. They warn users about possible targeting by mercenary spyware and emphasize the gravity of the situation. A sample notification, shared by Access Now, states:

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple Account… Apple has high confidence in this warning.”

These alerts mark a turning point in spyware accountability. John Scott-Railton, a senior researcher at Citizen Lab, credits these notifications with unveiling significant cases worldwide, from Poland to Thailand. Previously, investigations operated in near-total darkness, but Apple’s alerts now provide researchers and victims with a vital starting point.

Rather than engaging its own engineers for individual cases, Apple directs victims to Access Now’s Digital Security Helpline. Staffed by over 30 specialists, this helpline offers around-the-clock support to individuals in civil society, including journalists, human rights defenders, and activists.

In 2024 alone, Access Now handled more than 4,300 cases, reflecting a growing reliance on their expertise.

While Apple’s measures are widely commended, some experts believe there is room for the company to do more. Eva Galperin, cybersecurity director at the Electronic Frontier Foundation, suggests Apple could enhance its efforts by publishing detailed reports and filing lawsuits against spyware developers.

Since 2012, Apple has issued notifications to users in over 150 countries and continually refines its security measures to counter evolving threats.