In the massive dump of nearly 9,000 purported internal CIA documents released earlier this week by Wikileaks, Apple was featured prominently. Many of the pages and pages of allegedly classified — and in some cases labeled “secret” or “top-secret” — documentation referenced the CIA’s ability to breach the security features of iOS, potentially giving intelligence officials the power to snoop on iPhone users. Now, the Wall Street Journal reports that Apple is working overtime to not only reassure its customers that their devices are secure, but to determine what holes need to be patched, and where they are.
“Apple engineers quickly began calling colleagues to bring them up to speed on the data dump and to coordinate the company’s response to this new security threat,” the report claims.
Apple’s efforts to secure its platform are reportedly being hampered by the fact that, while the leaked documents suggest the CIA has ways to breach iOS, Android, and other mobile platforms, it doesn’t actually describe in detail how those tools function. The data dump didn’t include the actual code of the tools the CIA uses to carry out the hacking it describes, which is both a blessing and a curse for companies like Apple who are trying to fix gaps as quickly as possible.
Not having the code floating around the web is good because it prevents anyone from using the Wikileaks dump to carry out their own hacks, but without the code it’s a great deal more difficult for tech company and security experts to know exactly where to look for flaws.
Apple’s statement on the leak, which was released shortly after the dump began to get attention on major news outlets, suggests the company is taking the matter very seriously, and doesn’t discount the possibility that the CIA indeed knows of flaws that nobody else does:
Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates.
