Limits of Defending Against Cyberattacks
A Time for Agile Response to Minimize Damage

[Reporter’s Notebook] Even iPhones Can Be Hacked... No Sanctuary from Cyberattacks View original image

"Apple places the highest priority on security. The company insists on developing on-device artificial intelligence (AI), and it is expected that Apple will strictly protect security by processing personal information used for Apple Intelligence without leaking it externally."


A source in the IT industry I met recently cited privacy protection as Apple's number one principle. As an iPhone user of eight years, I found myself agreeing with this to some extent. Like many other users, I rarely worried about security while using my iPhone. I barely paid attention to phishing text messages impersonating delivery services. This was because Android Application Package (APK) files cannot run on iOS, so phishing texts attempting to trick users into installing APK files are ineffective. Furthermore, seeing both domestic and international investigative agencies struggling with iPhone digital forensics, I could sense Apple's "security marketing" in action.


However, the recent discovery of multiple vulnerabilities has shaken consumer confidence. A prime example is "Koruña," a hacking tool discovered last week by Google's Threat Analysis Group (TAG). According to Google, Koruña is a powerful hacking tool. It combines 23 vulnerabilities to hack older versions of iOS in five different ways, and users can be infected simply by visiting a website embedded with malware. Last month, Apple also recommended an emergency update, stating that security vulnerabilities—such as executing arbitrary code through malicious web content—had been exploited in targeted attacks.


These cases prove that even Apple, long considered a stronghold of security, is not an absolutely safe zone. Apple has maintained safety through its closed iOS system—so much so that it is often described as "a house with no windows for thieves to break into" or as a "walled garden." The structure, which requires users to download only pre-verified apps from the App Store and strictly limits system access permissions, has created a high level of security. However, these recent incidents indicate that hacking tools powerful enough to penetrate Apple's high security standards are emerging. Through this process, users' trust and confidence in Apple's security framework are themselves becoming another vulnerability.


The attack surface for cyber threats is also expanding. As AI agents (assistants) that automate work and daily life gain access to sensitive personal information and data, security risks are increasing. Hacking tools for buying and selling exploits (vulnerability abuses) for financial gain are evolving into an industry in their own right.


Hot Picks Today

"If It's Uncomfortable, They Cut Ties": Three Out of Five U.S. Gen Z Have Broken Off Contact With Family or Friends in the Past Year "If It's Uncomfortable, They Cut Ties": Three O...

Security is no longer a unique strength of a particular company, but rather an area of constant testing. We have entered an era where building walls against cyberattacks is no longer enough for peace of mind. What is needed now is the ability to respond after the fact. The importance of continuously detecting and responding to cyber threats, minimizing damage in the event of an attack, and rapidly restoring systems is growing. Not only companies but also users must develop a nimble mindset to quickly update operating systems when threats are detected.


한글 기사 보기
This content was produced with the assistance of AI translation services.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.

Today’s Briefing