Apple Inc. introduced a security tool for iPhone, iPad and Mac devices designed to prevent targeted cyberattacks against high profile users such as activists, journalists and government officials.
The optional feature, called Lockdown Mode, provides “extreme” protection for a “very small number of users who experience severe, targeted attacks,” Apple said in a statement Wednesday. The tool greatly reduces the number of physical and digital ways an attacker can hack into a user’s device. Apple said the feature is primarily aimed at combating “spyware” attacks sold by NSO Group and other companies, particularly to state-sponsored groups.
In recent years, state-sponsored entities have hacked high-profile users by remotely accessing data on their iPhones.
Last year, Bloomberg News reported that a number of US State Department employees have been hacked by Apple and have been notified. In November, Apple sued NSO Group because the Israel-based company develops tools such as Pegasus spyware to abuse and harm Apple users.
Apple said a small number of its users are the target of such attacks in 150 countries. The iPhone maker recently introduced a feature that notifies users of state-sponsored cyber-attacks. That notification system will be updated to inform those people about the new Lockdown mode, Apple said.
Lockdown mode affects the Messages app, FaceTime, Apple online services, configuration profiles, the Safari web browser, and wired connections.
When the tool is in place, the Messages app will block attachments other than images and disable link previews. Those are two common mechanisms that hackers use to infiltrate devices remotely. The web browser, another frequent channel for hackers, will also be severely restricted, with restrictions on certain fonts, web languages, and features related to reading PDFs and viewing content.
In FaceTime, users can’t receive calls from a person they haven’t called in the last 30 days.
Lock mode can be turned on with a switch at the bottom of the privacy menu in the settings app on Apple devices. During installation, users are warned that enabling the tool means that the device “will not function as it usually does” and that “apps, websites and features will be strictly limited for security and some experiences will be completely unavailable”. according to screenshots of the feature shared by Apple.
Google from Alphabet Inc. provides similar tools for high-profile users, alerts them when they are targeted by state-sponsored hackers, and promotes strong authentication techniques as a defensive measure.
Apple plans to release Lockdown Mode as part of the upcoming iOS 16, iPadOS 16, and macOS Ventura operating system updates in the coming months. It will also be tested this week as part of the third developer beta. The company hasn’t said when versions of the feature could come to other Apple operating systems, including watchOS for the Apple Watch, but said it plans to add new protections in the future.
Other online services are also getting Lockdown Mode changes, but Apple hasn’t specified the exact differences. Features such as CarPlay that in some cases require a wired connection will not work unless a user enters their passcode, while new configuration profiles and device registrations in business management software will also not work in this mode.
Apple also said it would pay researchers a security bounty of as much as $2 million if they find ways to bypass Lockdown Mode and help improve security. The company also provides a $10 million grant to the Dignity and Justice Fund, established and advised by the Ford Foundation, to support the research and prevention of highly targeted cyber-attacks.
(Except for the headline, this story has not been edited by DailyExpertNews staff and has been published from a syndicated feed.)