While last week’s Apple event may have ushered in a new wave of iPhones, iPads, and Apple Watches, those planning to stick with older devices should update their firmware immediately as a new software vulnerability affects over 1.65 billion Apple products.
What Is Pegasus Spyware and the NSO Group?
In July, Rocket IT covered news surrounding a highly invasive spyware, known as Pegasus. Created by Israel’s hacker-for-hire firm, NSO Group, Pegasus has been known to infect Apple devices without alerting the victim. While NSO Group argues that this code is used to fight terror and crime, the organization has been known to help governments, mercenaries, and criminals secretly hack the devices of high-profile targets without their knowledge.
From the cybersecurity scandal that took place in late July, Pegasus software was found on the Apple devices of 37 notable journalists and activists. In turn, it’s likely that the unidentified organization that hired NSO Group to launch this attack was provided with each victims’ sensitive communications, data, and passwords. But just as the dust surrounding July’s news started to settle, the spyware has once again been found on yet another activist’s iPhone by researchers in a cybersecurity watchdog organization at the University of Toronto.
Noting that the Pegasus software has been known to show up on the phones of activists, dissidents, lawyers, doctors, nutritionists, and even children, it’s important to take some initiative when it comes to protecting your Apple devices.
How to Prevent Pegasus Spyware on Apple Devices
When Does iOS 15 Release?
On September 20, Apple plans to launch iOS 15 for iPhones and iPads. While updating to this software version will resolve the noted security issues those interested in protecting their iPhones immediately can do so via the iOS 14.8 security update.
How to Check Your iOS Version
To check which software version your iPhone or iPad is currently running, head over to the settings app of your device. Once there, click “General” and then “About” from the menus displayed. If you have an iPhone 6S or newer, the software version listed here should be iOS 14.8 or higher.
If it’s not, make your way back to the General tab and tap “Software Update”. Your device should automatically begin checking for updates, and once it finds the newest once available, go ahead and launch the installation process.
Other Cybersecurity Considerations for iPhones
As technology continues to grow in prevalence, attacks like these are not going away. Rather than simply waiting around for the next vulnerability to be discovered, keep in mind there are some things you can do right now to mitigate even the most complex of smartphone attacks.
Keep Your Apps and iOS Updated
Apple’s security team works tirelessly to ensure its software remains secure. While the Pegasus spyware is a slight abnormality, most security threats take advantage of individuals that continue to run outdated software. Because of this, it’s important to ensure both your iPhone and it’s installed applications remain regularly updated to resolve both known and unknown security risks.
Change Your Passwords
Rocket IT strongly suggests using different passwords for each of your accounts and storing them in a password manager. Doing so ensures that if one of your iPhone apps becomes compromised, the password hackers used to break into one app can’t be used to infiltrate another.
Implement Multi-Factor Authentication
Multi-factor authentication adds another layer of security to accounts, and many iPhone applications make it easy to integrate third-party services, such as Authy or Microsoft Authenticator. Simply put, even if a cybercriminal has your password, deploying MFA requires a would-be hacker to provide another method of verification, such as a fingerprint, facial scan, static PIN, or push notification, when attempting to access your account. For applications used across a business, MFA should be a requirement and should be written into the organization’s cybersecurity policy. For help deploying MFA across a network of employees, email Rocket IT.
Restrict App Permissions
When downloading a new app, many times a pop-up will appear; requesting that the iPhone’s owner give the software permission to complete various activities and collect data. For unfamiliar software, Rocket IT suggests limiting the app’s ability to track your location, access stored media, or launch the iPhone’s camera and microphone. To check a specific app’s permissions, navigate to your iPhone’s settings, scroll down to the app in question, and tap on it. Finally, while Apple plans to roll out new security features in iOS 15, it’s likely that many of those updates will come in waves. To ensure you’re continuously up-to-date on what your iPhone has to offer, subscribe to Sync Up, Rocket IT’s weekly series for trending cybersecurity news.