Mint Explainer: Why did Apple send threat notifications to prominent Indians?

livemint.com:

New Delhi: On 30 October, Apple sent an unusual notification to several prominent Indians, including members of Parliament Raghav Chadha and Shashi Tharoor, Congress media chairperson Pawan Khera, and others. The ‘threat notification’ said their devices may have been targeted by state-sponsored attackers. Mint explains.

Threat notifications, in Apple’s own words, “are designed to inform and assist users who may have been targeted by state-sponsored attackers. These users are individually targeted because of who they are or what they do." Apple uses its own cybersecurity team to track security incidents – from mass breaches, which are relatively common, to targeted attacks against specific individuals. Apple’s threat notification tracks the latter, which are far more rare than mass attacks that use, say, phishing or ransomware.

It is this rarity that makes Apple’s threat notification unusual. The cyber activity that Apple’s threat notifications imply is known as ‘cyber espionage’. Simply put, this is a form of cyber attack that is not just highly sophisticated and often very obscure, but is done specifically in pursuit of a single individual, or small group at best.

A key reason why cyber espionage is so rare is because today, most cyber threats are actively tracked around the world by security researchers and evangelists. Apple, for instance, runs one of the most secure software ecosystems in the world, and prides itself on the security of its devices. Cyber espionage, however, requires highly proficient black-hat hackers (those with malicious intent) to use very expensive tools and codes.