By Aron Solomon
Irony of ironies, I was preparing on Monday afternoon for a Tuesday morning radio interview on the potential cyber vulnerabilities of the 2022 midterm election. At that exact moment, I started to get messages on WhatsApp, Twitter direct message, WeChat, and SMS, from people letting me know that I needed to immediately update all my Apple devices. I admittedly/mercifully run fewer Apple devices than most people I know, primarily my iPhone, which was a relatively recent switch back to iOS from a truly excellent Google phone.
Because I’m naturally (very) suspicious, I started to do some digging into what the issue was and whether this was as truly urgent as people were saying that it was. I’m really not somebody to get rushed into doing a software update for some alleged security breach unless I feel those sources are extremely competent.
After about an hour I felt sufficiently comfortable that this was for real, and a little bit freaked out at the same time as to the nature of what allegedly happened, so I did the update.
For those who may have missed the actual subject matter of what’s going on, this morning the New York Times reported that Apple issued emergency updates to fix a flaw that allows highly invasive spyware to infect anyone’s iPhone, Apple Watch or Mac computer without so much as a click. This all came less than 24 hours before Tuesday’s planned Apple event, in which they are expected to announce yet another new phone, watch, ridiculously expensive earbuds, and whatever else Apple fanatics may be so anxiously awaiting.
While I’m naturally suspicious, I’m also not a fan of conspiracy theories. What we saw this week was probably exactly what it appeared to be – “just” an Israeli cyber arms dealer deploying a surveillance tool to break into Apple devices. Yet anyone who already is or is even considering being a cyber evil-doer for the 2022 midterm election is watching what’s going on today with an eagle eye for several reasons critical to next year’s midterm elections.
The data that has become available in the first 18 hours since this Apple security breach is truly remarkable for somebody who wants to gauge the behavior of a large number of people when faced with a dictate to do a security update in the face of a breach. We can learn what sources were the most effective in informing people about the security breach. We can learn how and when people acted and what percentage of people chose inaction. We can even get more granular and ascertain why people chose the divergent paths of action and inaction and then build decision trees off each of these. Armed with the right data from Monday, someone can figure out what percentage of updates were done in, say, the first 10 minutes. Why would this one point be important? Because that’s around how much time it would take for the first wave of social media rebuttals to appear after a false cyber warning – one that could alter the results of an election or, you know, perhaps begin a war.
While Apple’s core spends much of today glued to their screens for new product and feature announcements, yesterday’s perfectly-timed events will quickly fall into background. Yet what someone seeking to scrape, analyze and apply this data could learn for 2022 is not insignificant and should be an important concern not for a 48-hour news cycle, but should actually make us much more vigilant (spoiler alert: it won’t) over the next 13 months until midterms.