Apple launches Lockdown Mode to block spyware attacks on at-risk users

A woman holds a phone outside NSO officeGetty Images

Apple has announced a new security feature to protect high-risk users from spyware cyber-attacks.

Lockdown Mode will be available in the autumn with the next operating system across all of the company’s iPhones, iPads and Macs.

The setting blocks certain functions and prevents unknown users from calling.

It comes after Apple devices owned by activists, politicians and journalists were infected with spyware.

Apple is currently suing Israeli spyware firm NSO Group, accusing it of targeting victims in 150 different countries with its powerful Pegasus spyware.

The firm’s software could infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.

NSO Group says its tools are made to target terrorists and criminals and insists it only supplies Pegasus to military, law enforcement and intelligence agencies from countries with good human rights records.

When the extent of the alleged surveillance was revealed last July, Apple faced criticism from privacy and security experts for not protecting users.

It quickly released an emergency software update to all devices to patch up the vulnerability that Pegasus had secretly been using for years.

Now the company is releasing Lockdown Mode as a wider security feature it claims can protect devices from all known spyware currently on the market.

BBC graphic

Lockdown Mode will include the following protections:

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled
  • Web browsing: Certain complex web technologies, like just-in-time JavaScript compilation, are disabled unless the user excludes a trusted site
  • Calls: Incoming invitations including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request
  • Wired connections with a computer or accessory are blocked when iPhone is locked

At launch, Lockdown Mode will be available to all users in the device settings, but Apple suggests it should only be activated if someone is a risk of what it calls “mercenary spyware attacks” – for example a journalist or opposition leader in a repressive regime.

This video can not be played

To play this video you need to enable JavaScript in your browser.

“While the vast majority of users will never be victims of highly targeted cyber-attacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, Apple’s head of security engineering and architecture.

Apple announced it will double the bounty threshold it pays out to ethical hackers who discover security flaws in Lockdown Mode to $2m (£1.7m).

The US firm will also donate $10m to a fund helping organisations expose the misuse of spyware.

“The global spyware trade targets human rights defenders, journalists, and dissidents, and facilitates violence, reinforces authoritarianism, and supports political repression,” said Lori McGlinchey, director, technology and society at the Ford Foundation, which will oversee the grant.

In November, US officials placed NSO Group on a trade blacklist, saying the software had “enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists”.

NSO Group is also being sued by WhatsApp, which accuses it of using the messaging service as a vehicle to spread Pegasus.

Comments

Leave a Reply

Skip to toolbar