Apple Introduces Lockdown Mode To Thwart Spyware Menace
New Lockdown Mode feature for iPhones, iPads and Macs has been introduced, as Apple seeks to combat menace from state-sponsored hacking
Apple continues to expand its privacy toolset, after it introduced a new feature for iPhones, iPads and Macs called Lockdown Mode.
Apple announced on Wednesday that Lockdown Mode is designed to “protect users from highly targeted mercenary spyware.”
It comes after years of controversy over commercial and nation state spyware operations, such as NSO Group’s Pegasus, designed to crack Apple iPhones and Android devices.
Lockdown Mode
What makes spyware so dangerous is that once it is deployed, the user of Pegasus spyware can take complete control of a person’s phone, accessing messages, intercepting phone calls and using the phone as a remote listening device.
This has obvious nation security implications.
And it should be noted that Apple does not willing cede data about its users. Tim Cook famously clashed with the US authorities in 2016, when the firm refused to help the FBI unlock (by creating backdoor access) an iPhone belonging to one of the San Bernardino shooters, Syed Rizwan Farook.
Apple continues to strongly tout its privacy credentials, although it does co-operate with lawful official requests.
With concern at an all time high concerning spyware and nation-state hacking, Apple on Wednesday announced its Lockdown Mode to protect high-profile users, “who face grave, targeted threats to their digital security.”
Apple states that Lockdown Mode is coming in the Autumn with iOS 16, iPadOS 16, and macOS Ventura, and is intended for high-profile users such as politicians and activists who may be targeted by state-sponsored hackers.
“Apple makes the most secure mobile devices on the market,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture. “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” said Krstić. “That includes continuing to design defenses specifically for these users, as well as supporting researchers and organisations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”
Protection measures
Essentially Lockdown Mode turns off a number features in order to make devices less vulnerable to spyware.
It does this by significantly reducing the number of features that attackers can access and thus potentially hack.
At its launch, Lockdown Mode will include the following protections:
- Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
- Wired connections with a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.
The Lockdown Mode capability further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that could potentially be exploited by highly targeted mercenary spyware, said Apple.
Bug bounties
The firm will continue to strengthen Lockdown Mode and add new protections to it over time.
And Apple has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections.
Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000 – the highest maximum bounty payout in the industry.
Apple is also making a $10 million grant, in addition to any damages awarded from the lawsuit filed against NSO Group, to support organisations that investigate, expose, and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware.
Lockdown Mode will not be switched on by default, but can be turned on from inside the iPhone’s settings with a single tap, Apple said.
The feature should also be available in the settings for iPad and Mac users.