What’s going on
Apple’s new “Lockdown Mode” will be available for its Mac computers, iPads, and iPhones. It is made to combat sophisticated hacking and specialised malware like Pegasus from the NSO Group.
What’s at stake
Even though only a tiny number of people experience these assaults, the danger is increasing. Repressive regimes have spied on human rights advocates, attorneys, politicians, and journalists using Pegasus. Apple claims that over the previous eight months, it has discovered similar assaults on consumers in 150 different countries.
Next steps
Later this year, Apple will make Lockdown Mode available for free, and the company has made a public commitment to ongoing upgrades and enhancements. The business has also increased its bug bounties and created a grant to support more investigation into this problem.
For many years, Apple has positioned its products—including the iPhone, iPad, and Mac—as the safest and most private ones available. It strengthened that effort on Wednesday by announcing a new function called Lockdown Mode that will be available this fall and is made to thwart targeted hacking attempts like the Pegasus malware, which oppressive governments allegedly used on human rights activists, attorneys, politicians, and journalists. Additionally, Apple announced a $10 million grant and a $2 million bug bounty to support additional study into this emerging danger.
According to the tech giant, Lockdown Mode is intended to activate “extreme” security on its phones, including blocking message attachments and link previews, potentially hackable online surfing tools, and incoming FaceTime calls from obscene numbers. Apple devices cannot be installed with new remote management software while they are in Lockdown Mode, and they won’t allow accessory connections until the device is unlocked. In the autumn, as part of iOS 16, iPadOS 16, and MacOS Ventura, the new capability will be made freely available to the general public. It is currently available in test software being used by developers this summer.
Ivan Krsti, Apple’s head of security engineering and architecture, stated in a statement, “While the great majority of users will never be the victims of highly targeted cyberattacks, we will work hard to defend the tiny number of people who are.” Lockdown Mode demonstrates our constant commitment to safeguarding consumers from even the rarest, most sophisticated assaults. It is a ground-breaking feature.
Along with the new Lockdown Mode, which Apple describes as a “extreme” step, the corporation also announced a $10 million donation to the Ford Foundation’s Dignity and Justice Fund in support of human rights and the fight against social repression.
The business’s initiatives to strengthen device security come as the IT sector has to deal with more and more targeted assaults from repressive regimes throughout the globe. Attacks like those utilising Pegasus are aimed for passive intelligence collection, in contrast to broad ransomware or virus operations, which frequently aim to spread indiscriminately the farthest and quickest via residential and business networks.
Apple sued NSO Group in September to prevent it from creating or disseminating any further hacking tools after the firm released a free software update that fixed Pegasus. Additionally, it started notifying potential users of these hacking tools—which Apple refers to as “mercenary spyware”—with “Threat Notifications.” Although just a tiny number of people are targeted in these advertisements, the corporation said that since November, it has alerted consumers in around 150 different nations.
In recent years, other IT firms have also changed how they handle security. By providing additional layers of security to logins and downloads, Google’s Advanced Account Protection project is made for “anyone who is at a heightened risk of targeted online assaults.” Microsoft has been pushing harder and harder to leak credentials.
Lockdown Mode will be expanded over time, according to Apple, which also offered a bug prize of up to $2 million for anybody who can identify any security flaws in the new feature. For the time being, its main purpose is to disable computer capabilities that could be beneficial but expose users to threats. You may do this by disabling certain typefaces, link previews, and incoming FaceTime calls from shady accounts.
According to Apple officials, the business tried to strike a balance between convenience and stringent security measures, and it also made a public commitment to enhancing the function. Applications that show webpages will adhere to the same limitations as Apple’s apps in the most recent version of Lockdown Mode, which is being distributed to developers in a forthcoming test software update. Users can preapprove certain websites to get around Lockdown Mode, though, if necessary. Before connecting to accessories, users of devices in Lockdown Mode must unlock them.
