Apple announced a new security feature Wednesday designed to protect iPhone users from invasive spyware attacks. Dubbed “Lockdown Mode,” the feature promises to “harden” the security posture of your device, drawing a digital moat around its perimeter to protect against infiltration while also hobbling some of its features.
Apple calls Lockdown the “the first major capability of its kind.” It will be available later this fall on iOS 16 and iPadOS 16 and macOS Ventura devices.
When enabled, the new mode disables certain functionalities and features that have provided entry points for spyware infection in the past. The mode blocks most types of message attachments (which have commonly been used for sneaky spyware deployment), as well as wired connections to computers or other devices. It also blocks incoming invitations or requests (such as FaceTime invites) if the user has not previously scheduled them. In some cases, various types of code are blocked from running on the device (the announcement uses just-in-time (JIT) JavaScript compilation as an example).
While the vast majority of users will never be the victims of highly targeted cyberattacks, Apple will work tirelessly to protect the small number of users who are. I’m deeply proud of our next steps, including a groundbreaking feature: Lockdown Mode. https://t.co/SESG7cnG1s
— Ivan Krstić (@radian) July 6, 2022
The company has stressed that Lockdown is an “extreme, optional level of security for the very few.” In this case, the “very few” are likely to be journalists, diplomats, activists, and others who are targeted for “who they are or what they do.” Numerous episodes over the past several years have showed that it is these types of people who are most at risk for spyware targeting.
“Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture. “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” she said.
Calling Out NSO
In its announcement on Wednesday, Apple notably called out the NSO Group, the Israeli surveillance firm tied to hacking scandals all over the world like the murder of Jamal Khashoggi, including many cases involving hijacked iPhones. Apple said that Lockdown is designed to protect against “NSO Group and other private companies developing state-sponsored mercenary spyware.” It also announced that it plans to launch a new grant program for researchers who study the spyware industry.
Apple previously sued NSO in November 2021 for its role in hacking iPhone users. NSO is also currently being sued by Meta, the parent company of Facebook, on similar grounds related to the hacking of WhatsApp users.
“Apple is also making a $US10 ($14) million grant, in addition to any damages awarded from the lawsuit filed against NSO Group, to support organisations that investigate, expose, and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware,” the company announced.
In an effort to continually improve Lockdown mode, Apple also said that it will be expanding its bug bounty program to look for holes in its security system with rewards up to $US2 ($3) million.
“To invite feedback and collaboration from the security research community, Apple has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections,” the company noted. “Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $US2,000,000 — the highest maximum bounty payout in the industry.”