Apple’s Lockdown Mode Intends to End State-Sponsored Spying
[Photo caption: © AP Photo / Matthias Schrader. In this Wednesday, Dec. 16, 2020 file photo, the logo of Apple is illuminated at a store in the city center in Munich, Germany. Apple said late Wednesday Sept. 1, 2021, it is relaxing rules to allow some app developers such as Spotify, Netflix and digital publishers to include an outside link so users can sign up for paid subscription accounts.]
Apple has been making privacy a big part of its appeal since May of this year when they debuted the catchphrase “Privacy. That’s iPhone.”
Apple has announced a new feature coming this fall intended to protect high-profile users, including politicians, journalists, activists, and dissidents, from state-sponsored cyber attacks.
The new feature, called Lockdown Mode, will limit several features of the iPhone but in doing so will close multiple vulnerabilities to targeted spyware attacks, like those used by the Israeli company NSO Group.
That last feature’s removal is intended to block a method used by NSO Group’s Pegasus software that uses GIFs to exploit iMessage without requiring the user to click or even look at the message.
“Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture, in the company’s announcement post.
Lockdown Mode will be available in the beta version of iOS starting later this week and is planned for a full release in the fall. The new feature will also become available at that time on iPads and macOS Ventura.
For most users, Apple does not recommend activating Lockdown Mode on their iPhones. Apple’s default security measures should be enough, they say, to prevent most types of spyware and malware as long as users follow common best practices online. Most commonly, spyware is spread through malicious code included in shady websites that are promoted through spam emails and texts, usually requiring the user to click on a link.
However, highly targeted and expensive spyware, like NSO Group’s Pegasus, has used “zero-click” exploits, that is, vulnerabilities that do not require the end user to click on anything. It has been used by the governments of dozens of countries, including Uganda, which used it to spy on diplomats and employees at the US embassy. Human rights activist Ahmed Mansoor was also targeted by the software and was the first to expose it, after sending a suspicious link to the Citizen Lab at the University of Toronto.
NSO Group claims that its software is used at the behest of governments to catch criminals and terrorists. The United States Commerce Department blacklisted NSO Group last November, banning U.S. companies from working with the hacking group.
Apple also announced that their bug bounty program will be doubled, to $2 million, for any researchers who find vulnerabilities in Lockdown Mode. Apple claims that is the largest bug bounty payout in the industry.
NSO Group was sued by Apple last year, with the tech giant claiming that NSO Group negatively affected its business. Meta* is also involved in a lawsuit against NSO Group after it allegedly attempted to hack Meta’s WhatsApp messaging app.
In addition to the new Lockdown Mode feature and the bug bounty, Apple also announced a $10 million grant, which will additionally include any damages awarded to it from its lawsuit against NSO Group, intended to help groups “investigate, expose and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware.” The grant will be managed by the Dignity and Justice Fund, run by the Ford Foundation.
“The global spyware trade targets human rights defenders, journalists, and dissidents; it facilitates violence, reinforces authoritarianism, and supports political repression,” said Lori McGlinchey, the Ford Foundation’s director of its Technology and Society program, in Apple’s announcement.
The Dignity and Justice Fund plans to issue their first grants late this year or early 2023.
*Meta is banned in Russia