Apple to tackle the cybersurveillance industry with new Lockdown mode

The optional feature will be launched next fall to protect users who are particularly at risk of being targeted by advanced cyberattacks.

Image: DenPhoto / Adobe Stock

Apple has announced an expansion to its security arsenal with a new feature called Lockdown Modewhich will be officially introduced this fall with iOS 16, iPadOS 16 and macOS Ventura.

This optional feature will be of particular interest to individuals who might be at higher risk than the average user of a cybersecurity attack.

SEE: Mobile device security policy (TechRepublic Premium)

What exactly is the Lockdown Mode feature?

Lockdown Mode will provide an extreme, optional level of security for users who activate it. It will harden device defenses and strictly limit certain functionalities in order to greatly decrease the attack surface of the device and increase its protection against mercenary spyware (Figure A).

Figure A

Image: Apple. Lockdown Mode ready to be activated on an iPhone.

Two different kinds of attackers can be stopped with Lockdown Mode: Real spyware providers and hackers-for-hire. The latter tends to use less advanced techniques to try to compromise Apple’s devices but still represent a threat, while the professional companies active in the cybersurveillance business have more skills and capabilities for advanced attacks.

Once launched, the Lockdown mode will restrict devices in the following categories:

Messages

Most message attachment types other than images will be blocked. Link previews, amongst other features, will also be disabled. The idea here is to avoid having the user unsuspectingly open a file that could infect the device with malware.

Web browsing

Certain complex web technologies (eg just-in-time JavaScript compilation) will be disabled unless the user excludes a trusted site from Lockdown Mode.

Apple services

Incoming invitations and services requests will be blocked if the user has not previously sent a call or request to the initiator. This way, the user can not be targeted via an unknown source of call or request.

Connections

Wired connections with a computer or accessory will be blocked when the iPhone is locked. This will prevent physical exploits that an attacker could use to attempt to take control of the device via network or device communication capabilities.

Configuration

Configuration profiles will not be installed, and the device will not be able to enroll into mobile device management while Lockdown is turned on.

Apple also mentions they will continue adding new protections to the Lockdown Mode over time. A new Apple Security Bounty program has also been launched for the security research community to reward people who would find ways to bypass the Lockdown Mode and help improve its protections, up to a maximum of $ 2 million.

“Apple makes the most secure mobile devices on the market,” said Ivan Krstić, Apple’s head of security engineering and architecture. “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”

Who should use Lockdown mode?

According to Apple, the feature has really been developed with the idea of ​​protecting “the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from the NSO Group and other private companies developing state-sponsored mercenary spyware. ”

Over the last two years, reports around the business of spyware and the companies behind it have increased greatly. The business of cybersurveillance or surveillance-for-hire, a polite way to refer to spying, is now extremely monitored and tracked by some of the major companies on the Internet like Meta and Google.

Helping research organizations

In addition to the announced release of Lockdown Mode, Apple also announced a $ 10 million USD grant to “support organizations that investigate, expose and prevent highly targeted cyberattacks.”

The grant will be made to the Dignity and Justice Fund, established and advised by the Ford Foundation – a private foundation dedicated to advancing equity worldwide – and designed to pool philanthropic resources to advance social justice globally. The Dignity and Justice Fund is a fiscally sponsored project of the New Venture Fund, a 501 (c) (3) public charity.

Disclosure: I work for Trend Micro, but the views expressed in this article are mine.

Source

The optional feature will be launched next fall to protect users who are particularly at risk of being targeted by advanced cyberattacks.

Image: DenPhoto / Adobe Stock

Apple has announced an expansion to its security arsenal with a new feature called Lockdown Modewhich will be officially introduced this fall with iOS 16, iPadOS 16 and macOS Ventura.

This optional feature will be of particular interest to individuals who might be at higher risk than the average user of a cybersecurity attack.

SEE: Mobile device security policy (TechRepublic Premium)

What exactly is the Lockdown Mode feature?

Lockdown Mode will provide an extreme, optional level of security for users who activate it. It will harden device defenses and strictly limit certain functionalities in order to greatly decrease the attack surface of the device and increase its protection against mercenary spyware (Figure A).

Figure A

Image: Apple. Lockdown Mode ready to be activated on an iPhone.

Two different kinds of attackers can be stopped with Lockdown Mode: Real spyware providers and hackers-for-hire. The latter tends to use less advanced techniques to try to compromise Apple’s devices but still represent a threat, while the professional companies active in the cybersurveillance business have more skills and capabilities for advanced attacks.

Once launched, the Lockdown mode will restrict devices in the following categories:

Messages

Most message attachment types other than images will be blocked. Link previews, amongst other features, will also be disabled. The idea here is to avoid having the user unsuspectingly open a file that could infect the device with malware.

Web browsing

Certain complex web technologies (eg just-in-time JavaScript compilation) will be disabled unless the user excludes a trusted site from Lockdown Mode.

Apple services

Incoming invitations and services requests will be blocked if the user has not previously sent a call or request to the initiator. This way, the user can not be targeted via an unknown source of call or request.

Connections

Wired connections with a computer or accessory will be blocked when the iPhone is locked. This will prevent physical exploits that an attacker could use to attempt to take control of the device via network or device communication capabilities.

Configuration

Configuration profiles will not be installed, and the device will not be able to enroll into mobile device management while Lockdown is turned on.

Apple also mentions they will continue adding new protections to the Lockdown Mode over time. A new Apple Security Bounty program has also been launched for the security research community to reward people who would find ways to bypass the Lockdown Mode and help improve its protections, up to a maximum of $ 2 million.

“Apple makes the most secure mobile devices on the market,” said Ivan Krstić, Apple’s head of security engineering and architecture. “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”

Who should use Lockdown mode?

According to Apple, the feature has really been developed with the idea of ​​protecting “the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from the NSO Group and other private companies developing state-sponsored mercenary spyware. ”

Over the last two years, reports around the business of spyware and the companies behind it have increased greatly. The business of cybersurveillance or surveillance-for-hire, a polite way to refer to spying, is now extremely monitored and tracked by some of the major companies on the Internet like Meta and Google.

Helping research organizations

In addition to the announced release of Lockdown Mode, Apple also announced a $ 10 million USD grant to “support organizations that investigate, expose and prevent highly targeted cyberattacks.”

The grant will be made to the Dignity and Justice Fund, established and advised by the Ford Foundation – a private foundation dedicated to advancing equity worldwide – and designed to pool philanthropic resources to advance social justice globally. The Dignity and Justice Fund is a fiscally sponsored project of the New Venture Fund, a 501 (c) (3) public charity.

Disclosure: I work for Trend Micro, but the views expressed in this article are mine.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

A series of vulnerabilities on the popular asset management platform Device42 could be exploited to give attackers full root access to the system, according...

Top 5 best backup practices

Give yourself peace of mind by implementing a new backup strategy with our tips....

Indian Power Sector targeted with latest LockBit 3.0 variant

Estimated reading time: 5 minutesAfter the infamous Conti ransomware group was disbanded, its former members began to target the energy and power sectors...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!