Apple announces ‘lockdown mode’ to protect devices from cyberattacks

Apple has announced a newQuarantine Mode for iPhone, iPad and Mac to protect against cyber attacks in the style of Pegasus.

Lockdown Mode is an additional protection for users who face “serious, targeted threats to their digital security,” such as journalists and activists, according to Apple.

When the device is in lock mode, apps, websites, and features are restricted for security reasons, and others are completely disabled.

For example, most types of message attachments in the Messages app other than images are blocked, and other features such as link previews are disabled.

Incoming invitations and service requests, including FaceTime calls, are blocked unless the user has previously sent a call or request to the initiator.

The new mode also blocks access to the iPhone while connected to a computer or accessory.

Lockdown Mode will be released this fall with iOS 16, the tech giant’s new software update announced last month.

Lockdown mode will be released this fall with iOS 16, the tech giant’s new software update.

ENABLE LOCK MODE

– On iOS, go to “Settings”.

– Click “Privacy and Security”.

– Click “Lock Mode”.

– Select “Enable lock mode”.

(Lock mode will be available in iOS 16)

Apple said Lockdown Mode is a “last resort” and “secondary” protection for “a very small number of users who face serious, targeted threats to their digital security.”

It provides protection to users who are at risk of cyberattack by private firms developing state-sponsored “spyware” – software that steals information from a device.

Spyware is a specific type of malware (malware) that steals information from a computer and sends it to a third party without the person’s knowledge.

An example is Spyware Pegasuswhich has already been used by governments to spy on world leaders, politicians, journalists, activists, dissidents and other high-profile figures.

Created by the Israeli firm NSO Group, Pegasus is a powerful tool that allows its operator to infiltrate a target’s phone and view its contents, including messages, contacts, and location history.

Pegasus victims include Hanan Elatr, wife of Washington Post Saudi journalist Jamal Khashoggi, who was killed by a Saudi hitman in 2018, and Rula Khalaf, editor of the Financial Times.

“Lockdown Mode is a revolutionary feature that reflects our unwavering commitment to protecting users from even the rarest and most sophisticated attacks,” said Ivan Krstic, head of security and architecture at Apple.

“While the vast majority of users will never be targeted by cyberattacks, we will work tirelessly to protect the small number of users they threaten.

Apple said Lockdown Mode is an extreme and optional protection for

Apple said Lockdown Mode is an extreme and optional protection for “a very small number of users who face serious, targeted threats to their digital security.”

Israeli firm NSO's Pegasus spyware has already been used by governments to spy on journalists, activists and dissidents (file photo)

Israeli firm NSO’s Pegasus spyware has already been used by governments to spy on journalists, activists and dissidents (file photo)

FEATURES OF LOCK MODE

When started, Blocking Mode includes the following:

– Messages: Most types of message attachments, except images, are blocked. Some features, such as link previews, are disabled.

– Web Browsing: Some advanced web technologies such as JavaScript JIT compilation are disabled unless the user removes the trusted site from blocking mode.

– Apple Services: Incoming invitations and service requests, including FaceTime calls, are blocked unless the user has previously sent a call or request to the initiator.

– Wired connections to a computer or accessory are blocked when iPhone is locked

– Configuration profiles cannot be installed and the device cannot be registered with MDM.

“This includes continuing to develop protections specifically for these users, as well as supporting researchers and organizations around the world doing the critical work of exposing the mercenary companies behind these digital attacks.”

The Apple giant listed five lock mode features available at launch, but said it will continue to fortify the tool with additional features over time.

It will also reward researchers who find flaws in the blocking mode, which will help make it more resilient and better protect users.

The tech firm said it is doubling the security reward it is offering researchers who find flaws in the lockdown mode to $2 million (£1.7 million), the highest maximum reward in the industry.

Ron Deibert, director of the Citizen Lab at the University of Toronto, said there was “overwhelming evidence” that the mercenary surveillance industry is fueling “authoritarian practices and massive human rights violations.”

“I applaud Apple for making this important grant, which will send a strong message and help nurture independent researchers and advocacy groups who hold hired spyware vendors accountable for the harm they cause to innocent people,” he said.

Christoph Hebason, director of security research at San Francisco-based Lookout, said blocking mode won’t reduce the “attack surface” of third-party applications unless those applications also implement separate blocking measures.

In addition, the functionality and performance of the user’s device may be limited in lock mode.

“This may be a trade-off that some users might accept for a while, but the inconvenience will create an incentive to turn off lock mode,” Hebason said.

Apple also announced the funding of a $10 million (£8.4 million) grant to support organizations that investigate, expose and prevent cyber attacks and more targeted spyware attacks.

The grant is provided to the Dignity and Justice Foundation, which was created and advised by the Ford Foundation, an organization whose goal is to promote justice throughout the world.

PEGASUS: HOW THE POWERFUL SPY SOFTWARE USED TO HACK JOURNALISTS WORKS

Pegasus is powerful malware – malicious computer software developed by the Israeli security firm NSO Group.

This particular form of malware is known as “spyware” which means it is designed collect data from an infected device without the knowledge of the owner and transfer it to third parties.

While most spyware is limited in its capabilities – it only collects data from certain parts of the infected system – Pegasus appears to be much more powerful, giving its controller almost unlimited access to and control over the infected device.

This includes access to contact lists, email and text messages, and saved photos, videos, and audio files.

Pegasus can also be used to control the phone’s camera or microphone to record video and audio, and access GPS data to check where the phone’s owner has been.

And it can also be used to record any new incoming or outgoing phone calls.

Early versions of the virus infected phones with crude “phishing” attacks, in which users were forced to download the virus to their phones by clicking on a malicious link sent in a text or email.

But the researchers say the software has gotten a lot more sophisticated, using vulnerabilities in regular phone apps to launch so-called “zero-click” attacks that can infect devices without any action from the user.

For example, in 2019, WhatsApp found that 1,400 people had been infected with NSO Group software through a so-called “zero-day” bug – a previously unknown bug – in the app’s call function.

Users were infected when WhatsApp called their phones, whether they answered the call or not.

More recently, the NSO began exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones.

Apple says it is constantly updating its software to prevent such attacks, although human rights organization Amnesty says it has found successful attacks against even the most advanced iOS systems.

The NSO Group says Pegasus can also be installed on devices using wireless transceivers located near the target, or downloaded directly to the device if it was stolen first.