Apple has announced a new security feature called Lockdown Mode for iPhone, iPad, and Mac devices, designed to prevent highly-targeted spyware cyberattacks on a small number of at-risk users such as journalists, activists, and politicians. It will be officially introduced in the fall along with the release of iOS 16, iPadOS 16, and macOS Ventura.
Lockdown Mode is Apple's answer to new cybersecurity challenges, specifically government-sponsored spyware. It is turned off by default and can be enabled in the Privacy & Security section of Settings. Lockdown Mode can also be turned off at any time in the same section of the Settings app.
The tech company notes that most users may never use the new optional security feature. Still, it can provide additional security protection for high-risk users who face targeted attacks.
“Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple's head of Security Engineering and Architecture. “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”
Here are the initial protections of Apple's new Lockdown Mode:
- Most message attachment types except images in the Messages app are blocked, and link previews are disabled;
- Some complex web technologies like just-in-time (JIT) JavaScript compilation are disabled by default unless the user excludes a trusted site from Lockdown Mode;
- Incoming FaceTime calls from people the user has not previously called are blocked;
- Wired connections with other devices are blocked when a device is locked;
- The device cannot enroll in Mobile Device Management (MDM), and configuration profiles cannot be installed.
The Cupertino giant promises to add other protections to its Lockdown Mode in the future.
It is noted that the new tool can protect Apple users from Pegasus spyware developed by the Israeli NSO Group, which has previously been accused of selling its technology to governments around the world, as well as from the products of other companies that develop state-sponsored spyware.
The company has also doubled the bounty it pays out to ethical hackers who find vulnerabilities and security flaws in Lockdown Mode. The maximum reward now stands at $2 million.
In addition to any damages awarded from the lawsuit filed against NSO Group, Apple will donate $10 million to a fund helping organizations investigate, expose, and prevent highly-targeted cyberattacks.
Last year, Apple sued the Israeli spyware developer NSO Group, which was accused of spying on politicians, human rights activists, and journalists in different countries. Pegasus software could infect both iPhone and Android devices, allowing operators to extract photos, emails, and messages, record calls, and secretly activate cameras and microphones.