Recently, SecurityWeek reported an alarming instance of cyber espionage in which US Intelligence Agencies compromised a Chinese infrastructure system by exploiting an iMessage vulnerability, which exposes the potential security risks in the iOS devices, as well as the serious threats facing cyberspace.
iPhone Has Become an Open Door to Compromise
According to a Kaspersky report, the US National Security Agency (NSA) has been conducting directed cyber attacks against a Chinese infrastructure system since March 2022. The agency exploited an unknown vulnerability in iPhone’s iMessage service to gain unauthorized remote control of several employees’ mobile phones, accessing the sensitive data stored on the devices. Through this, the nation-state actor hacked into the core network of the center. In June 2023, Kaspersky revealed the vulnerability in the iOS system, which allowed hackers who know the phone number or Apple ID of the targeted individual to covertly sent an iMessage to the user. The virus contained within the message can execute automatically, even without any user interaction.
Beware of the Backdoors in American Tech Products
Except for iPhones, plenty of vulnerabilities have been uncovered in US software and hardware, according to global cybersecurity companies. For example, the documents leaked by Edward Snowden showed that the NSA planted backdoors in Cisco routers to spy on global critical infrastructure communications. Aside from this, in 2015, some security experts found that the Authentication Backdoor had been implanted into Juniper ScreenOS, a product from the famous US cybersecurity appliance manufacturer Juniper Networks.
Two years later, WikiLeaks released a large collection of documents that detail CIA’s spying operations and hacking tools. The series, code-named “Vault 7,” includes 8,761 documents, that the organization says represents the “majority” of CIA’s hacking arsenal: malware, viruses, trojans, weaponized zero-day exploits, and remote control systems. And in 2018, the US government enacted the CLOUD Act, which can compel American cloud service providers like AWS to disclose customer data stored anywhere in the world–even if the data resides outside the United States. This amounts to granting the government implicit “backdoor access.”
Regarding this, security experts warn that while products from Apple and other American tech companies are touted for their security, any software system may harbor undetected vulnerabilities. Even products marketed as the “safest” may not necessarily be reliable.
Two years later, WikiLeaks released a large collection of documents that detail CIA’s spying operations and hacking tools. The series, code-named “Vault 7,” includes 8,761 documents, that the organization says represents the “majority” of CIA’s hacking arsenal: malware, viruses, trojans, weaponized zero-day exploits, and remote control systems. And in 2018, the US government enacted the CLOUD Act, which can compel American cloud service providers like AWS to disclose customer data stored anywhere in the world–even if the data resides outside the United States. This amounts to granting the government implicit “backdoor access.”
Regarding this, security experts warn that while products from Apple and other American tech companies are touted for their security, any software system may harbor undetected vulnerabilities. Even products marketed as the “safest” may not necessarily be reliable.
Read More From techbullion
