Apple can and must do more to prevent NSO attacks, says Johns Hopkins security professor