Apple’s new Lockdown Mode against iPhone hacking
Apple has for years sold its iPhones, iPads and Mac computers as the most secure and privacy-focused devices on the market. Last week, it stepped up that effort with a new feature called Lockdown Mode, which is designed to combat targeted hacking attempts such as the Pegasus malware, which some governments have used against human rights workers, lawyers, politicians and journalists around the world. Apple also announced a $10 million grant and a bug bounty of up to $2 million to encourage further research into this growing threat.
The tech giant said Lockdown Mode is designed to enable “extreme” protections on its phones, such as blocking attachments and link previews in messages, potentially hackable web browsing technologies, and FaceTime calls from unknown numbers. Apple devices will also not accept accessory connections unless the device is unlocked, and new remote management software cannot be installed on the device while it is in Lockdown Mode. The new feature is already available in test software used by developers this summer and will be released to the public for free in the autumn as part of iOS 16, iPadOS 16 and macOS Ventura. Here’s how to use Apple’s Lockdown Mode on iPhone.
“The majority of users will never fall victim to highly targeted cyber attacks, yet we will work tirelessly to protect a small number of users,” said Ivan Krstić, Apple’s head of security engineering and architecture, in a statement. “Lockdown Mode is an important capability that demonstrates our unwavering commitment to protecting users from rare, sophisticated attacks.”
Along with the new Lockdown Mode, which Apple calls an “extreme” measure, the company announced a $10 million grant to the Dignity and Justice Fund, established by the Ford Foundation to support human rights and fight social oppression.
The company’s efforts to enhance the security of its devices come at a time when the tech industry is facing targeted cyber attacks from repressive governments around the world. Unlike widespread ransomware or virus campaigns, which are often designed to spread randomly and quickly through homes and corporate networks, attacks like those using Pegasus are designed to quietly gather intelligence.
Last September, Apple sent out a free software update that addressed Pegasus and then sued the NSO Group in an attempt to prevent the company from developing or selling any more hacking tools. Apple also began sending “threat notifications” to potential victims of these hacking tools, which Apple called “hired spyware.” The company says the number of people targeted in these campaigns is very low, but it has notified people in about 150 countries since November.
Other tech companies have also stepped up their approach to security in recent years. Google has an initiative called Advanced Account Protection, designed to add an extra level of security to logins and downloads “for anyone at high risk of targeted online attacks.” Microsoft is increasingly working to dump passwords.
Apple said it plans to expand Lockdown Mode over time and announced a bug bounty of up to $2 million for people who find security holes in the new feature. For now, it is primarily designed to disable device features that may be useful but that open people up to potential attacks. These include turning off some fonts, link previews, and FaceTime calls from unknown accounts.
Encouragement for more research
In addition, Apple hopes the $10 million grant to the Dignity and Justice Fund will help conduct more research on these issues and expand training and safety audits for those who may be targeted.
“Every day we see these threats expanding and deepening,” said Lori McGlinchey, director of the Ford Foundation’s Technology and Society program, who is working with Apple’s Krstić and technical advisors to help direct the fund. “In recent years, state and non-state actors have used spyware to track and intimidate human rights defenders, environmental activists and political dissidents in virtually every region around the world.”
Ron Deibert, a professor of political science at the Munk School of Global Affairs and Public Policy at the University of Toronto and director of the Citizen Lab cybersecurity researchers, said he expects Apple’s Lockdown Mode to be a “big blow” for spyware companies and the governments that depend on their products.
“We’re doing all we can with the many investigative journalists working on this beat, but it’s done and that’s a big disparity,” he said, adding that Apple’s $10 million grant would help attract more work to the issue.