Apple Forcedentry Vulnerability

Auxiom’s CEO Matt Loria was a guest on WJR News Talk 760 with Kevin Dietz on Tuesday, September 14, 2021, to talk about the recent Apple Forcedentry security vulnerability.

You may have heard, Apple released a new software update for iPhones, iPads, Macs, Apple Watches, and other devices on Monday, September 13, 2021, after discovering a software vulnerability that has been exploited by surveillance software.

In short, an outside organization wrote a program that can execute on its own once it’s sent via iMessage or possibly even email. This type of program is called a “zero-click” exploit and it does not require a user to click anything in order to infect the device.

Matt Loria talks with Kevin Dietz of WJR 760 about the Apple Forcedentry vulnerability and what action end-users and businesses can take to reduce their security risks.

(or read the entire transcript below)

You can listen to Matt’s interview with WJR NewsTalk 760 here:

Read the transcript of Matt Loria’s interview with Kevin Dietz regarding Forcedentry now:

Kevin Dietz @ WJR NewsTalk 760

Apple on Monday advised all users to update their devices after researchers warned that the Israeli spyware company NSO Group had developed a way to take control over nearly any Apple computer, any Apple Watch, or any Apple iPhone. It is absolutely terrifying. So John Scott-Railton, senior researcher at The Citizen Lab, which recently discovered the software exploit and notified Apple about it. Pretty scary stuff. Joining us now is Matt Loria, CEO of Auxiom. Good morning Matt, how are you?

Matt Loria @ Auxiom

Good morning, Kevin. Great. How are you? 

Kevin Dietz @ WJR NewsTalk 760

Good, kind of crazy day yesterday, as suddenly everybody was getting notifications or becoming aware on social media to update their iPhone because of this huge security risk. What was going on there?

Matt Loria @ Auxiom

Yeah, well, they, they sent out an alert basically saying, hey, we’ve, we’ve been alerted to the fact that this vulnerability exists in our software, and we need to patch it. The vulnerability is, is what they consider a zero-day vulnerability, meaning they had they really just found out about it that day. And, and it was time to patch that hole.

Kevin Dietz @ WJR NewsTalk 760

And so they’re able to do that Apple is a big enough company that they can see what it is and see what the fix is and get it turned around that quickly. 

Matt Loria @ Auxiom

Yeah, luckily, the Citizen Lab folks, you know, identified it. And it’s been pretty known about this NSO Group and their line of software that they’ve created to allow this. In fact, this same type of software was used for the Israeli government to basically spy on the Saudis. So it’s, it’s been a known line of software, it just wasn’t known that there was a vulnerability on the Apple side that it can be used like this. So luckily, the word got out really quickly. And the patch was made.

Kevin Dietz @ WJR NewsTalk 760

So was this an attack or just a vulnerability and how it was designed? 

Matt Loria @ Auxiom

Well, I don’t think we know just yet if anyone was attacked, more recently with this, I understand that there were some folks that were attacked, I believe it was news agencies that they were after, to control their phones and see what was going on. But I don’t know of anyone in the general public that’s been affected.

Kevin Dietz @ WJR NewsTalk 760

So what do we know about this Pegasus spyware?

Matt Loria @ Auxiom

Well, we know this one is, this one’s a little different, you know, because normally, what we’re saying to people is we’re saying, “Hey, be careful of what you click on here”. But because it could infect your computer, especially if you don’t know somebody, you get somebody something from someone that you don’t know. And you click on it, and it executes some malware on your machines. This one’s really different because there’s actually no need for the user to click on anything. It’s actually using a booby-trapped PDF file that comes in as an iMessage or a text. And, and once it’s there, once it’s been received by your phone, it can actually execute on its own.

Kevin Dietz @ WJR NewsTalk 760

And you won’t have any idea that it’s on there, I imagine. Now, is this something that, was this a deadline last night for it to update? Or is this something people should still update if they haven’t already?

Matt Loria @ Auxiom

If they haven’t already, they should be going right to settings on their iPhone and running the software update. So it’s not, it’s definitely not too late. You want to do it right away, though.

Kevin Dietz @ WJR NewsTalk 760

And same with your computer, or your watch, or whatever Apple product you use in there. 

Matt Loria @ Auxiom

Yeah, essentially any Apple product. And in fact, also, Google Chrome put out an alert to that, to do an update on there, because there’s some vulnerabilities that are associated that can carry over to Chrome. So if anybody was logged into Chrome yesterday, there might have been an update button that you would have seen. And if you would have closed and reopened it, it may have executed the update on its own. But otherwise, you can check that as well. 

Kevin Dietz @ WJR NewsTalk 760

So what could happen? What’s the downside here? What’s the worst-case scenario?

Matt Loria @ Auxiom

Worst case is is that if you don’t run the patch, is that somebody can actually have full control of your devices. And be seeing everything that you’re doing and be exporting information and data off of your phone and bringing it over for their own use and cloning that information. 

Kevin Dietz @ WJR NewsTalk 760

So some people have a good excuse now when they say I didn’t tweet that or I didn’t post that. I think they could blame the zero-day vulnerability now. They were forced to do it. That’s pretty scary. So what, why, who would want to do that? Who would want to take over your phone or computer and what would they do with that? Well, you know, why would they want to do that? 

Matt Loria @ Auxiom

Well, like this one, this one is is a very expensive type of attack. It’s an expensive type of vulnerability that they’re really exploiting, it’s very unlikely that they’re really that anybody’s after anything that you and I may have. It was designed for very targeted attacks to people that would have information that would be very valuable to maybe nation-state type of organizations. So, on this particular one, it doesn’t seem like it’s something that’s currently being used to, you know, truly exploit an end-user, like, like you or I, but what happens is, these are gateway drugs, right? These are when something like this is out, then other copycats can learn from it, and then decide, oh, what would they want to steal from us, which would be the standards, the personal information, the financial information, all of those, those standard types of things that people would want to take. And then also, with the ability to take over your phone, they’ve got the full access to really truly impersonate you, right? So now if you’re, if you’re doing your multi-factor authentication, or you know, where you receive the text, when you put in your password, and says, we’re going to send you a text, if they have full control, they really have all the keys to the kingdom, so the sky’s the limit on what they could use it for. 

Kevin Dietz @ WJR NewsTalk 760

And I guess people could, who are mad at big tech, or mad at Apple, they could just want to bother them by, you know, upsetting as many customers as they have? Do we, should we have, like, a checklist? Is this like our car, where, you know, we get to go in for an oil change every 3000 miles and get our tires rotated every so often?

Matt Loria @ Auxiom

Yeah, I mean, there’s a lot of great car analogies. I mean, you definitely want to have your car tuned up every so often, and with patching, I mean, you want to just, you want to patch as early and as often as you can, especially if you’re just an individual. Business is having a little bit tougher, because a lot of time the other software that they’re using is dependent on a certain, it’s written for a certain level of operating system. So, you might have a company that’s running certain engineering software that is, was built for, you know, a certain version of Windows, and when you run an update, that might break how that software works. So for the companies, it’s a little bit, it’s a little bit tougher, and that’s why they have to have the help of a professional. But for the individuals, you know, the general hygiene is, is continue to make sure that you reboot your phone once a day, that you run updates, you keep the apps up to date. You know, a lot of times all of the security vulnerabilities are addressed, the most known ones are addressed in those, in those updates.

Kevin Dietz @ WJR NewsTalk 760

When you say reboot your phone, is set, can you simply just turn it off and back on? Will that reboot it? Or are you talking about going, you know, actual update?

Matt Loria @ Auxiom

Ya know, with an iPhone, you can, instead of just simply holding the power button and sliding the power slide, you push the up, you push the up volume then the down volume, then you hold the other side button. And you hold that until the white Apple insignia comes up on the phone. And so that’ll do a full reboot. And for whatever model phone you have, you can, you can Google that. But usually just shutting it off and turning it on doesn’t run the same sort of kind of cleansing that you would want to do on a daily basis.

Kevin Dietz @ WJR NewsTalk 760

And people who are annoyed by updates because they then have to learn a few little different things. They should also know that there’s usually security in those updates as well that they should be paying attention to. 

Matt Loria @ Auxiom

Oh, yeah, definitely. For sure. You know, the like I said the only people who would who may want to be an update behind would be certain corporate users that, you know, that would want to be talking with their IT professionals about, you know, about when to update, but the general public should be updating as often as possible. 

Kevin Dietz @ WJR NewsTalk 760

All right, Matt Loria, CEO of Auxiom, and thank you so much. It’s a crazy day. We appreciate you helping us out. 

Matt Loria @ Auxiom

Thanks, Kevin. We’ve seen a lot of activity in this realm in the last few weeks. So stay tuned. There’s probably a lot more coming.

If you are a business owner or manager and would like to learn more about steps you can take to keep your business systems and data safe, check out Auxiom’s Cybersecurity Solutions now.

Auxiom is The Gold Standard in Business IT. Led by IT industry veterans with a passion for providing people-focused IT Solutions. Auxiom is a world-class provider of Managed IT Services, IT outsourcing, IT consulting, cloud computing, hosted applications, and other advanced business technology solutions. We help clients remove IT issues and security concerns with solutions, services, proactive planning, and budgeting.
