Over the years, people have become wary of their data privacy, especially in the highly sophisticated digital world. Today, data privacy incidents don’t escape the public eye so easily. This is mainly because more and more people are coming to terms with the economic value of data and the damage that data leaks or data breaches can have at an individual or business level.
Recently, there have been significant concerns about the iPhone 13’s privacy features. At one point, people were happy with the software upgrades that blocked third-party tracking as well as the much-anticipated Siri’s on-device speech recognition.
On the other hand, there are worries about Apple’s plan to spy on users’ data as a way of protecting children from sexual abuse and exploitation. This comes after popular spyware was used to successfully exploit iMessage, raising concerns on whether the manufacturer is committed to protecting its customers’ data and online privacy.
Below, we’ve dived deep into the issues surrounding the iPhone 13 privacy features and what you should expect moving forward. Similarly, we’ve highlighted some tips to help you prevent data leaks and data breaches in the online space.
iPhone 13 Data Privacy Mess: The Pegasus Exploit
While Apple’s flagship phones continue to rock the market, many are worried about the potential data privacy and security threats to which the new iPhone could have exposed them. In September 2021, Apple learned of a zero-day vulnerability that allowed a hacker to exploit an iPhone belonging to a Saudi activist.
The flaw was disclosed by Citizen Lab, a cyber-research team at the University of Toronto. After keenly studying the attack, the team noted that the victim didn’t have to click on any links or open malicious files for the device to be infected. According to Citizen Lab, the spyware software used during the attack was Pegasus, developed by the Israeli intelligence company NSO Group. Even so, this wasn’t the first time such incidents had surfaced.
In October 2021, New York Times reporter Ben Hubbard explained in a Times Insider Report how the same software was likely used to hack his iPhone, not only once but twice. Hubbard reported that his phone was compromised in 2020 and 2021 using the zero-day vulnerability technique. Similarly, evidence left on the phone showed two more attempted hacks in 2018.
The worst thing about these attacks is that they are all done remotely, and the owner cannot tell whether their phone has been hacked. This allows the hackers to steal photos & contacts, read messages and even eavesdrop by remotely turning on the camera or microphone.
After learning about the September exploit, Apple moved swiftly to fix the issue, releasing security updates some days later. However, the manufacturer notes that the spyware didn’t pose much danger as the attack was highly sophisticated and quite expensive to develop, meaning the cybercriminal would only use it to target specific individuals.
Spying Users’ Photos to Curb Child Abuse and Exploitation
Besides the concern of the iPhone 13 being vulnerable to the Pegasus spyware, Apple’s flagship phone also falls at the center of another saga: a now-postponed feature that allows Apple to spy and monitor photos or videos for child exploitations. Initially, the new feature was expected to come with the iOS 15, WatchOS 8, iPad OS15, and macOS Monterey.
According to the manufacturer, this feature converts photos and videos into unique bits of code called hashes. These hashes are then compared against a pre-collected database of child exploitation content controlled by the National Center for Missing and Exploited Children.
As you would expect, this feature has been received with mixed reactions. On one end, it seems to be a great solution for the rising cases of online child sexual abuse content. In 2019, there was a 50% surge in these online incidents reported by tech firms: Facebook, Twitter, Snapchat, among other 160 companies.
However, many are convinced that this feature is against the basic human right to privacy. One of the concerns that digital privacy groups and security experts raised is that this kind of surveillance could easily be exploited for other use cases that serve individual/ business interests, putting some people in danger.
A perfect example could be using the feature for targeted ads and promotions or by authoritarian regimes to target activists, journalists, enemies, etc. In an August open letter, several complaints were raised against the privacy-invasive content scanning technology, but Apple is yet to respond directly to these criticisms.
Staying Safe in the Digital World
Regardless of the type of phone you are using; you want to always protect your device and data from malicious actors. Cyberattacks are becoming sophisticated with time, and it takes advanced security measures to keep yourself and your data safe in the digital world. Besides data breaches where a digital attacker targets your device, you should be aware of data leaks caused by human errors and negligence.
To curb data breaches, you should update your phone or device every time there’s a new software update. That way, you can fix known vulnerabilities that could give the attackers access to your data. Similarly, you should avoid installing unknown software or clicking on unknown links as you could fall victim to phishing attacks.
For businesses and individuals alike, data breaches and data leaks are a real threat to data privacy and security. But unlike data breaches, data leaks don’t necessarily lead to data loss unless the leaked data is exploited. That said, there are several ways to prevent data leakage and minimize your exposure to cyberattacks. These include conducting regular third-party risk assessments and using data encryption and endpoint protection services.
Keeping your data safe in the digital environment should be one of your topmost priorities, considering the level of damage that comes with data breaches and data leaks. Whether you are a business owner or an employee of some company, your phone could give the digital invader the access they need to break into the company or business network.
As discussed above, the iPhone 13 has been the center of many data privacy controversies, but data breaches could happen on any phone/device from any manufacturer. If you deal with sensitive data or have access to information that could attract cyber criminals, it’s best to stay prepared at all times.
You can do this by investing in an automated risk and compliance software that scans for cyber threats and fixes common bugs with little to no human intervention. Similarly, you should seek professional guidance from a cybersecurity expert.