Latest news with #TarunWig
Entrepreneur
13-05-2025
- Business
- Entrepreneur
Apple's Security Flaws: Will They Dent Its Rising Success in India?
In Q1 FY25, Apple registered 23% year-on-year growth in India, its challenge now is sustaining this rise without compromising the trust that built its brand Opinions expressed by Entrepreneur contributors are their own. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. Apple is enjoying its best-ever run in India while simultaneously facing rising concerns over its software security. A recent high-severity warning from the Indian Computer Emergency Response Team (CERT-In) is raising questions around its image for privacy and security. Apple users in India particularly those using devices operating on iOS versions earlier than 18.3 and iPadOS versions before 17.7.3 have been urged to update immediately. CERT-In flagged multiple vulnerabilities that could allow malicious apps to take full control of devices, access sensitive data, or even render them unusable. Affected devices include iPhones from the XS model onwards and a wide range of iPads, including the Pro and Air series. Apple business boom in India Apple shipped a record 3.2 million smartphones in the first quarter of FY25, registering a 23 per cent year-on-year growth, the highest among any brand in the Indian market, according to the International Data Corporation (IDC). For the first time, it entered the top five smartphone brands, even pushing Xiaomi off the list as the latter's market share dropped by 48 per cent year-on-year. Nearly half of Apple's sales came from older generation iPhones, particularly in Tier-2 cities and beyond. This surge was driven by aggressive affordability schemes, including a 24-month no-cost EMI offer, and strategic pricing during festive seasons. Notably, the iPhone 16 alone accounted for 4 per cent of total smartphone shipments in India during the quarter, making it one of the top 5G models alongside Xiaomi Redmi 14C and OPPO K12x. Apple's India revenue is projected to rise by 20 per cent in FY25, with analysts predicting that India will become the iPhone-maker's third-largest market after the US and China within the next two to three years. Apple CEO Tim Cook, speaking after the March quarter earnings, remarked, "We did grow by strong double-digit, and were very, very pleased about it. I see India as an incredibly exciting market, and it's a major focus for us. In terms of the operational side or the supply-chain side, we are producing there—from a pragmatic point of view, you need to produce there to be competitive." A crack in the fortress? While Apple has long marketed itself as a privacy-first company, the recent vulnerabilities shake the very foundation of its competitive edge. "These flaws expose users to significant risks, allowing malicious applications to potentially render devices inoperable or 'brick' them," explained Tarun Wig, Co-founder and CEO of Innefu Labs. "These vulnerabilities, if exploited, could enable unauthorised access to sensitive user data such as financial details, personal communications, and more." The severity of the flaws isn't just in their potential damage but in their reach. Unlike high-profile attacks like Pegasus, which targeted individuals of interest using zero-click exploits, these vulnerabilities can impact a broad user base. Pegasus, for example, used a flaw called "FORCEDENTRY" in Apple's iMessage service. In contrast, Wig said, the current vulnerabilities span multiple system components such as Apple Intelligence Reports, CoreBluetooth, and TCC (Transparency, Consent, and Control) frameworks. "These flaws are less targeted but equally dangerous. They pose a broader risk to the general user base." Threats for enterprises The implications for businesses are particularly alarming. In India, where more professionals now use iPhones for business, the stakes are high. "Apple vulnerabilities are a significant risk for enterprises, especially for executives, potentially leading to sensitive data breaches or network infiltration," said Advocate (Dr.) Prashant Mali, Cyber Crime Expert. While suggesting measures, Mali said, "Key measures include mandatory and timely software updates, robust Mobile Device Management (MDM), security awareness training, multi-factor authentication (MFA), and a clear incident response plan." While Apple's swift patching response is commendable, Mali argued that it's not enough. "Apple's quick release of patches is vital and effective for known threats…however, the ongoing discovery of significant vulnerabilities suggests that while patching is necessary, continuous efforts in secure development and system architecture are also important." Will buyers rethink loyalty? Despite the security concerns, Apple's momentum in India doesn't appear to be slowing down. In fact, it continues to dominate the premium and ultra-premium segments, while also making inroads into Tier-2 markets, where the social prestige associated with Apple remains a powerful draw. On the other hand, in Q1 FY25, Vivo led the overall smartphone market in India with a 19.7 per cent share, followed by Samsung and Oppo. Until other brands offer comparably robust security solutions, Apple may still be perceived as the safer option. The question now is not whether Apple can grow in India—it clearly can—but whether it can do so without compromising the very trust that brought it here.
Economic Times
08-05-2025
- Business
- Economic Times
Cyber sleuths ramp up vigil on critical infra as Pakistan conflict spills online
Live Events Central and state cybersecurity agencies are on high alert as escalating Indo-Pakistan tensions are expected to fuel major cyber threats and misinformation campaigns over the next few signs of heightened threat activity have already emerged across utilities such as oil and gas, electricity grids, and telecom networks, particularly in states bordering conflict zones and the national capital, cybersecurity experts tracking the events told Wednesday morning, soon after India carried out a series of air strikes on terror infrastructure sites in Pakistan-occupied Kashmir and Pakistan, cybersecurity consultants and digital forensics teams issued advisories to banks, stock exchanges, and key digital public platforms like Aadhaar and UPI, urging immediate shutdown of non-essential systems and ramped-up Stock Exchange and BSE have temporarily restricted access to their website for international users."The cyber threat was particularly very high yesterday. The restriction for foreign IP (Internet protocol) addresses will continue until further notice," said a person close to the has been restricted since 1 pm yesterday. However, if there is any specific request from a client then exchanges are considering it, sources exchanges took the decision after consulting declined to comment. A spokesperson for BSE said: "BSE being a critical market infrastructure institution (MII) proactively and continuously monitors risks at domestic and international level for potential cyber threats. Based on such monitoring of cyber traffic, as a precautionary and protective measure, websites / locations are blocked to protect users and systems. The monitoring is dynamic and access is restored on a case to case basis subject to assessment of the threat." Tarun Wig, cofounder and CEO of Delhi-based information security provider Innefu Labs, said, "Given the tit-for-tat nature of these cyber exchanges, we assess that tensions are likely to remain high or even intensify."Innefu Labs' clients include the Defence Research and Development Organisation (DRDO), the Reserve Bank of India (RBI), and the Central Reserve Police Force (CRPF) among others."India's cyber defence agencies have rapidly mobilised," Wig said. "CERT-In and other cells are on high alert, implementing system hardening and AI-enabled monitoring. Real-time intrusion detection and incident response have been scaled up."According to Kaspersky's Cyberthreat Live Map, India has experienced a noticeable surge in cyberattacks since May 5, warn that the fallout could surpass the cyber impact seen after the 2019 Pulwama attack, with recent detections of sophisticated malware and spear-phishing campaigns, suggesting a well-coordinated analysts note that offensive cyber operations often mirror geopolitical flare-ups, so further spikes in hacking incidents are expected.
