In a bid to protect its users from state-sponsored spyware, Apple on Thursday announced it is previewing a "groundbreaking" security capability that offers specialised additional protection to users who may be at risk of highly targeted cyber attacks from private companies developing state-sponsored mercenary spyware.
The iPhone maker has two initiatives and one of them is called Lockdown mode which aims at protecting users who may be personally targeted by some of the most sophisticated digital threats.
What is Apple's Lockdown Mode?
Apple is calling it the first major capability of its kind, and it is slated to launch this fall with iOS 16, iPadOS 16, and macOS Ventura. The Lockdown Mode is an extreme, optional protection for a handful of users who face grave, targeted threats to their digital security. “Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” Ivan Krstić, Apple’s Head of Security Engineering and Architecture, said in a statement.
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organisations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”
Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do are personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware.
Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura hardens device defences and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.
What protections are included in Lockdown Mode?
Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
Wired connections with a computer or accessory are blocked when iPhone is locked.
Configuration profiles cannot be installed, and the device cannot enrol into mobile device management (MDM), while Lockdown Mode is turned on.
The Cupertino, California-based tech giant also shared details about the $10 million cybersecurity grant it announced in November 2021 to support civil society organisations that conduct mercenary spyware threat research and advocacy. The iPhone maker will continue to strengthen Lockdown Mode and add new protections to it over time.
Aiming to invite feedback and collaboration from the security research community, Apple has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections. Bounties have been doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000.
“The global spyware trade targets human rights defenders, journalists, and dissidents; it facilitates violence, reinforces authoritarianism, and supports political repression,” said Lori McGlinchey, the Ford Foundation’s Director of its Technology and Society Program.
“The Ford Foundation is proud to support this extraordinary initiative to bolster civil society research and advocacy to resist mercenary spyware. We must build on Apple’s commitment, and we invite companies and donors to join the Dignity and Justice Fund and bring additional resources to this collective fight.”