Apple iPhone Lockdown Mode is designed to prevent government-sponsored hacking

Apple CEO Tim Cook delivers the keynote address at the European Union Privacy Conference at the European Parliament in Brussels, Belgium on October 24, 2018.

Yves German | Reuters

Apple announced a new iPhone feature called Lockdown Mode on Wednesday to protect high-profile users such as politicians and activists from state-sponsored hackers.

Lockdown Mode disables certain features on the iPhone to make it less vulnerable to spyware by greatly reducing the number of features that attackers can access and potentially hack into.

Specifically, it disables many preview features in iMessage, restricts JavaScript in the Safari browser, prevents new configuration profiles from being installed, blocks wired connections, thereby preventing device data from being copied, and closes incoming requests to Apple services. including FaceTime.

The tech giant will pay up to $2 million to researchers who discover a security breach in lockdown mode.

The announcement comes months after it became known that state-sponsored hackers could hack the latest iPhones with “zero-click” attacks distributed via text messages. These attacks can be successful even if the victim does not click on the link.

The iPhone maker is facing growing calls from governments to address this issue. In March, US lawmakers pressed apple about the details of the attacks, including whether he could detect them, how many were detected, and when and where they occurred.

Most hackers have financial goals and most malware is designed to trick the user into handing over valuable information such as a password or give an attacker access to financial accounts.

But the state-sponsored attacks targeted by the lockdown are different: they use very expensive tools sold directly to law enforcement or sovereign governments and use undetected bugs to gain a foothold in the iPhone’s operating system. From there, attackers can do things like control the microphone and camera, and steal the user’s browsing history and messages.

Lockdown Mode is for a small number of people who think they might be the target of a government-sponsored hacker and need an extreme level of security. The victims of military-grade spyware are journalists, human rights activists and business leaders. to the Washington Post. Spyware has also allegedly been used to attack government officials, including french minister as well as Catalan separatist leaders in Spain.

“While the vast majority of users will never be targeted by cyberattacks, we will work tirelessly to protect the small number of users who are threatened by them,” Ivan Krstic, head of security and architecture at Apple, said in a statement.

Pegasus

There are several types of spyware mercenaries, but the most famous version is Pegasus, developed by the NSO Group in Israel. Recently, researchers at the University of Toronto as well as Amnesty International discovered and documented versions of this type of spyware targeting the iPhone.

The NSO group has previously said that its technologies are legally used by governments to fight pedophiles and terrorists.

The NSO Group is not liked by big tech companies, especially Apple, which positions its devices as more secure than competitors. Apple sued the NSO Group last year, claiming it was malware. hurt Apple’s business. facebook parent Meta is also suing NSO Group for its alleged attempts hack whatsapp.

Last November, the US Department of Commerce blacklist NSO Grouppreventing US companies from doing business with him, which is one of the most drastic measures the US government can take to hit foreign companies.

Apple says the vast majority of its 1 billion iPhone users will never be targeted. Mercenary spyware like Pegasus can cost hundreds of millions of dollars, Apple says, so the tools are valuable and only used to target a small number of users. As soon as new versions of spyware are discovered, Apple fixes the bugs they use, rendering the original exploits ineffective and forcing vendors like the NSO Group to reconfigure their tools.

According to Apple, lock mode won’t be enabled by default, but it can be turned on in iPhone settings with a single tap. It will also be available for iPad and Mac.

The new feature will be available for testing in the iOS beta this week, before its mass release is scheduled for the fall.