Welcome to the First Column IT Tech Blog

HomeBlog
What is the Apple Mercenary Attack, and Why Should You Care?

What is the Apple Mercenary Attack, and Why Should You Care?

April 24, 2024

Apple rarely sends out alerts about threats, and that is because threats that target Apple devices are somewhat rare in the first place. However, on April 10, 2024, Apple saw fit to send one to certain users in 92 nations by email. These notifications were “designed to inform and assist users who may have been individually targeted by mercenary spyware attacks.” What does this mean, exactly?

Understanding Mercenary Attacks

Your typical cyberattack might be launched without any specific target in mind. Mercenary attacks, however, will be backed by millions of dollars and target a small group of victims. The threat notification email states, “This attack is likely targeting you specifically because of who you are or what you do.”

The email also states what this attack will likely do: "If your device is compromised by a targeted mercenary spyware attack, the attacker may be able to remotely access your sensitive data, communications, or even the camera and microphone."

Has Apple Addressed the Problem?

For starters, Apple has created a support page explaining what users should do if they think the threat has infected their device. This page consists of various best practices:

  • “Update devices to the latest software, as that includes the latest security fixes
  • Protect devices with a passcode
  • Use two-factor authentication and a strong password for Apple ID [we just want to add you should do this with all accounts]
  • Install apps from the App Store [all Android users should only utilize the Google Play store]
  • Use strong and unique passwords online
  • Don’t click on links or attachments from unknown senders”

Apple has also suggested that users who think they might be targeted turn on Lockdown Mode, a setting that limits the device to specific functions and reduces the likelihood of an attack from these types of threats.

While we certainly hope you don’t get struck by these attacks, we want to raise awareness and ensure that as many people know about them as possible. Follow our blog for more notifications of high-profile threats and all things related to business IT.

Previous Post
April 28, 2025
Learn How Resilience is Reshaping the Cybersecurity Landscape
While the goal of cybersecurity is always to prevent threats from taking advantage of your infrastructure, this is becoming more and more challenging as time wears on and threats evolve to changes in cybersecurity discourse. A recent podcast episode from Illumio, “Trust & Resilience: The New Frontlines of Cybersecurity,” explores how trust has become a vulnerability that attackers exploit in new and creative ways. How can cybersecurity as an industry pivot in response to this trend?
April 25, 2025
Everything You Need to Know About Business Tech Updates
While technology is an important part of your business, it shouldn’t be distracting you from carrying out your company’s mission. Indeed, it can be difficult to stay up-to-date on the latest practices and solutions, and it can feel impossible to keep up. While you could adopt the “good enough” policy that many businesses settle for, we think you should take a different approach—one that will make you impossible to compete with if carried out appropriately.
April 23, 2025
Boost Your Business’ AI, Cloud, and Security
Are you constantly looking to improve your small business and stay ahead of the game? Let’s talk about some tech that can seriously boost how you operate: artificial intelligence (AI), cloud computing, and cybersecurity.

Have a project in mind?

Start with our free consultation for VA, DC and MD companies. We will provide a detailed proposal and firm quote based on your specific IT support needs. All at a predictable monthly cost per seat.
Free Consultation - Sign Up Here