Why did the Govt suddenly question Apple? Spyware alerts trigger big security check nationwide

In an update to the spyware controversy Apple Inc., the Government of India(BHARAT) has reportedly sent a notice to the American technology major after Apple started sending fresh notifications to users in India(BHARAT) regarding spyware threats.

As per media reports, Apple had earlier this month sent out notifications to users worldwide – including in India(BHARAT) – that their devices may have been targeted for exploitation by sophisticated spyware. The spyware, which Apple categorizes as “mercenary,” was reportedly found in India(BHARAT) and identified as part of operations by surveillance contractors or state-sponsored hacking groups. The notifications were part of a global wave of alerts that Apple sent on December 2 and 3, warning users that their devices may have been targeted to access their data or control their devices.

Responding to Apple’s threat notifications, MeitY had sent a notice to the company seeking details on the alerts and has also urged Apple to be more transparent with its users. Sources have further stated that the Government has been in touch with Apple over the alerts. Apple has reportedly responded to queries, stating that the messages were due to an automated process and that no user has ever been compromised without their knowledge.

CERT-In Advisory

Issuing an Advisory on the matter, CERT-In has also released Advisory CIAD-2025-0048 on the same which is as follows-

“The Computer Emergency Response Team of India(BHARAT) (CERT-In) has issued an advisory for Apple users whose devices have been marked for potential spyware attacks.”

“Recommendations have been provided in the advisory for users whose devices have been targeted by spyware. Apple has also enabled users to have their devices checked voluntarily, and technical assistance has been provided for this. Users can get their devices scanned by sending an email to CERT-In for assistance.”

“In its advisory, CERT-In has advised users to immediately update their devices to the latest version of iOS (preferably iOS 26.1 or later), update cloud services and messaging applications to the latest version, and enable advanced protections, such as Lockdown Mode. Users are also advised not to be alarmed by the warnings and to avoid clicking on any suspicious prompts or performing any suspicious actions.”

“Cyber experts have said that the threat notifications have once again highlighted the issue of the growth of mercenary spyware and the lack of attribution for various threats. Attackers, whether commercial spyware vendors or state-sponsored threat actors, are expected to continually shift their focus and techniques to target devices and are likely to continue using zero-day flaws or vulnerabilities in popular mobile operating systems.”

Meghna Bal, director, Esya Centre, has said that “mercenary spyware attacks, whether directed towards India(BHARAT)n or foreign targets, will have a damaging effect on cybersecurity at both an international and domestic level. This can be used to undermine the rule of law or the democratic character of states, and although mercenary surveillance tools are often sold as assisting law enforcement, the use of offensive cyber capabilities by hostile states against others is rarely beneficial to human rights and civil liberties, even if intended for legitimate purposes. Companies may choose to operate in democracies in order to further democratic freedoms in cyberspace and to limit attacks on civilians. In other words, these firms must understand their accountability to democratic societies.”

In 2023, Apple had sent notifications to users in India(BHARAT) as well. In response, MeitY had requested Apple to clarify details on similar notifications after certain journalists and political opponents had received warnings of potential hacks.