New Apple Feature aims to protect High-risk Users from Spyware Attacks

New Apple Feature aims to protect High-risk Users from Spyware Attacks

A new Apple feature has been previewed which aims to help high-risk users from being spied on by enemy states and intelligence agencies.

The feature – called “Lockdown Mode” – is scheduled to arrive later this year with the released of Apple iOS 16 and macOS Ventura. It’s an optional feature for users who believe their computers or smartphones face the real risk of being targeted by sophisticated state-sponsored spyware.

Apple has acknowledged that this feature is “extreme”, and isn’t something anyone other than a small percentage of their users will need to take advantage of.

“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of user who are,” said Ivan Krstić, Head of Security Engineering and Architecture at Apple. “That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

The number of political activists, lawyers, journalists and diplomats who may be at risk of being targeted by mercenary spyware may be small, but the impact of them being hacked could have grave consequences.

Apple acknowledged in their announcement of Lockdown Mode that it will severely limit your device’s functionality in many ways – but it will come with the added benefit of reducing the user’s risk of being targeted on their devices.

At launch, “Lockdown Mode” will restrict devices by:

  • Making most message attachment types other than images blocked. Some features, like link previews, are disabled.

  • Disabling certain complex web technologies, like just-in-time (JIT) JavaScript compilation, unless the user excludes a trusted site from Lockdown Mode.

  • Blocking incoming invitations and service requests, including FaceTime calls, if the user has not previously sent the initiator a call or request.

  • Blocking wired connections with a computer or accessory when iPhone is locked.

  • Prohibiting configuration profiles from being installed, and not allowing the device to enroll into mobile device management (MDM), while Lockdown Mode is turned on.

Apple says that it will continue to strengthen “Lockdown Mode” and will offer a bounty of up to $2,000,000 to researchers who are able to bypass its security.

Additionally, Apple says it will make a $10 million grant available to support organizations that investigate, expose and prevent highly targeted attacks.

Now, all eyes are on Google to see whether it will roll out a similar feature on Android phones.

 

Story via Tripwire

Log4j labeled an “Endemic Vulnerability” that could persist for Years to Come

Log4j labeled an “Endemic Vulnerability” that could persist for Years to Come

Cyber Command asks Private Sector to Share Intelligence to Aid in Digital Defenses

Cyber Command asks Private Sector to Share Intelligence to Aid in Digital Defenses