Apple says it is working fast to fix vulnerabilities in the iPhone and other products after WikiLeaks released material said to show the Central Intelligence Agency was stockpiling malware to break into devices.
“While our initial analysis indicates that many of the issues leaked were already patched in the latest iOS [operating system for iPhones and iPads], we will continue work to rapidly address any identified vulnerabilities,” said Apple.
“Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. We always urge customers to download the latest iOS to make sure they have the most recent security updates.”
The WikiLeaks documents, revealed on Tuesday, purported to show an arsenal of malware used by the CIA to hack into individual iPhones and Android devices, as well as Samsung smart televisions.
Google, which makes the Android software for smartphones, could not be reached for comment.
The most powerful of these weapons are so-called zero day exploits — code that takes advantage of new flaws in software that no one else has yet spotted, potentially creating secret back doors that can be used over long periods.
Gus Hosein, executive director of the Privacy International campaign group, said: “The fact that the US government was identifying ways to undermine security of commonly used consumer devices and are even talking about hacking automobiles, that flies in the face of the Obama administration’s response to the Snowden revelations.
“They promised that if intelligence agencies knew of any zero day vulnerabilities, they would notify the companies, so open wounds in the systems can be shut. Otherwise, they can be taken advantage of by foreign entities.”
The trove of CIA data, known as Vault 7, dates from 2013-16, according to WikiLeaks, with the most recent cyber tools targeted at version 9.2 of Apple’s iOS software.
This was replaced by an updated version of iOS last year — the latest release is 10.2 — and “nearly 80 per cent of users run the latest version of [the] operating system”, according to Apple, potentially protecting them from older forms of malware.
Many owners of Google’s Android devices, by contrast, use old versions of the software.
Samsung, whose smart TVs had been compromised, according to the report’s claims, said “protecting consumers’ privacy and the security of our devices is a top priority” and that it was looking into the matter.
It declined to comment on whether it knew about vulnerabilities in its smart TVs or about snooping from foreign agencies.
Mr Hosein said: “We are all realists about this, and I doubt this will be surprising to any technology company. Unfortunately, perfect security is impossible and it’s a constant arms race against hackers. It’s just that Apple shouldn’t be in an arms race with its own government.”
Sample the FT’s top stories for a week
You select the topic, we deliver the news.
