Apple has introduced “Lockdown Mode” to combat spyware attacks on your iPhone, iPad or Mac

Apple plans to release a new feature called “Lockdown Mode” that aims to add a new layer of protection for human rights defenders, political dissidents and other targets of sophisticated hacking attacks.

The announcement, made on Wednesday, comes after at least two Israeli firms took advantage of flaws in Apple’s software to remotely jailbreak an iPhone without the target having to click or touch anything.

NSO Group, the maker of the “Pegasus” software that can carry out such attacks, was sued by Apple and placed on a commercial blacklist by US officials.

Lockdown Mode is coming to Apple’s iPhone, iPad, and Mac this fall, and turning it on will block most attachments sent to the iPhone’s Messages app.

“While the vast majority of users will never be victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, Apple’s head of security and architecture.

“This includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world who are doing the critical work of uncovering the mercenary companies that create these digital attacks.”

What will Lockdown Mode do?

Lockdown Mode will block different types of message attachments, disable link previews, turn off certain web browsing technologies, block invites and FaceTime calls from unknown sources, and disable setting up new configuration profiles or enrolling in mobile device management (MDM).

The new mode will also block wired connections to the iPhone when it’s locked. Israeli firm Cellebrite used such manual links to access iPhones, while security researchers believe NSO Group exploited a flaw in the way Apple handles message attachments.

Apple officials said they believe the sophisticated attacks the new feature is designed to combat — called “zero-click” hacking techniques — are still relatively rare, and that most users won’t need to enable the new mode.

Spyware companies claim to sell high-powered technologies to help governments thwart national security threats. But human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition and interfere in elections.

To help harden the new feature, Apple said it would pay up to $2 million (€1.95 million) for every flaw security researchers can find in the new mode, which Apple officials say is the highest bug bounty of its kind offered in the industry.

Apple also said it was awarding a $10 million (€9.8 million) grant, plus any potential proceeds from its lawsuit against NSO Group, to groups that detect, expose and work to prevent targeted hacking.

Apple said the grant will go to the Dignity and Justice Fund, created by the Ford Foundation, one of the largest private foundations in the United States.