Apple has announced a new security tool for iPhone, iPad and Mac devices designed to prevent targeted cyberattacks against known users such as activists, journalists and government officials. It will appear in the fall along with the release of new OS versions – iOS 16, iPad OS 16 and macOS Venture.
Some context
Apple has been talking for months about a new real threat to information security – government-funded spyware. You probably remember the scandal surrounding the NSO Group – at the end of last year, Apple sued the Israeli spyware developer Pegasus. NSO Group was convicted of spying on politicians, human rights activists and journalists – the media received a list of potential targets for tracking Pegasus, which contained about 50 thousand phone numbers. Among them were King Mohammed VI of Morocco, French President Emmanuel Macron and Telegram founder Pavel Durov. And Apple is not the first of the Big Five tech companies to take the NSO with a lawsuit. WhatsApp, owned by Meta (formerly Facebook), also sued the NSO in 2019, alleging that it illegally used the company’s servers to send malware to 1,400 phones. No decisions have yet been made in these cases. You can also mention the recent report of the Google Threat Analysis Group, in which, in addition to NSO, the Italian company RCS Labs was mentioned among the developers of this kind of spyware .
Lockdown Mode is Apple’s response to Pegasus and other spyware
The groundbreaking new feature, called Lockdown Mode, is Apple’s answer to new cybersecurity challenges. Separately, Apple notes that most users may never need this new feature. This additional feature will provide extreme protection for a very small number of users who face serious targeted attacks, the company said in a press release.
Once activated, the Lockdown Mode feature blocks certain security features on Apple devices. So, in the “Messages” after activating this function, the preview of links is disabled and most attachments are blocked, except for images. Web browsers disable features such as JavaScript JIT compilation on all sites except those whitelisted by users.
This feature also blocks FaceTime calls and other communication requests from unknown numbers that the user has never called. Wired connections do not work when the device is locked, users cannot install configuration profiles, or register the device with MDM. In the future, Apple will add other protections to Lockdown Mode.
The Cupertino-based company will also offer increased cash rewards for detecting block mode exploits to encourage security researchers to quickly notify it of any weaknesses in the system. The maximum reward is $2 million. In addition, Apple will provide $10 million in grants to support groups fighting targeted cyberattacks. Any legal fees that Apple incurs from a lawsuit against the NSO group will be paid by the fund.
