Security on Apple devices might not be as impenetrable as many thought.
Forbes reported this week that Cellebrite, an Israel-based vendor and major U.S. government contractor, is now able to unlock new iPhones. Bryce Austin, CEO at Minneapolis-based IT consulting company TCE Strategy, said if the reports are true, it’s a major blow to the security that all iPhone users assume Apple has built into their devices.
“Ever since the showdown between Apple and the FBI in February 2016, it was assumed that Apple was trying hard to make extremely secure mobile devices,” he said.
Cellebrite reportedly has developed techniques to get into devices through operating systems as recent as iOS 11 and is advertising these techniques to law enforcement and private forensics experts across the globe.
Austin’s advice for consumers and IT leaders in response to this news is two-fold:
- “It’s critical for consumers and for businesses to keep mobile devices patched, and to retire those devices that can no longer be patched.
- It’s critical to adopt a cybersecurity posture that assumes that end point devices can be compromised, and to limit the amount of damage that any compromised end point can do.”
Add that to an earlier leak…
But that’s just the most recent example of Apple’s security woes. Earlier this month, a chunk of Apple’s iOS source code was leaked online. The leak could’ve led hackers and others to comb it for vulnerabilities in iOS for nefarious purposes or to make iPhone jailbreaks easier. The leaked code was quickly removed from GitHub but by that time was the damage may have already done.
“I’d love to know if this was a result of individuals examining the recent iOS source code that was leaked or if the timing was just coincidence,” Austin said.
Either way, it’s clear that the leaked code wasn’t good news for the tech giant.
“Anytime proprietary or intellectual property is leaked publicly, it tends to erode trust in the organization,” said Shane Whitlatch, enterprise vice president at security solutions provider FairWarning.
Apple has always been very careful to safeguard against leaks, which makes this situation unusual. Jonathan Levin, who writes books on iOS and macOS programming, went so far as to tell Motherboard that this was “the biggest leak in [Apple’s] history.” If reports about the ability to unlock iPhones are true, it could prove to be an even bigger security incident than the leaked code.
Advice: Get to the root of the problem
Time will tell the extent to which Apple’s security and reputation have been undermined — and what repercussions will follow — but it’s not too late for your organization to take stock of its security practices.
How should companies respond to leaks like this? It’s all about access, Whitlatch said.
“It’s a possibility that an insider threat could have leaked this source code,” he said. “Organizations need to monitor user access to the crown jewels of their organization, whether it’s a privileged user or a third party vendor who has access to the company network.”
In today’s data-driven business environment, that’s sometimes easier said than done.
“Due to the nature of modern business and the size of a business’s network where data is stored and transferred, it’s hard to keep track of users’ access to this type of proprietary information,” said Whitlatch. “Moving forward, organizations need to develop a birds-eye view of their network so they can properly address access rights management and mitigate risk associated with insider threats who can leak this type of proprietary information.”