Apple launches iPhone security tool to block targeted attacks


  • iOS
  • Thursday, 07 Jul 2022

Apple said the feature is aimed primarily at trying to combat attacks from “spyware” sold by NSO Group and other companies, particularly to state-sponsored groups. — Reuters

Apple Inc introduced a security tool for iPhone, iPad and Mac devices that is designed to prevent targeted cyberattacks on high-profile users such as activists, journalists and government officials.

The optional feature, called Lockdown Mode, will offer “extreme” protection for a “very small number of users who face grave, targeted attacks,” Apple said Wednesday in a statement. The tool vastly reduces the number of physical and digital ways for an attacker to hack a user’s device. Apple said the feature is aimed primarily at trying to combat attacks from “spyware” sold by NSO Group and other companies, particularly to state-sponsored groups.

Over the past several years, state-sponsored entities have hacked high-profile users by gaining remote access to data on their iPhones. Last year, Bloomberg News reported that a number of US State Department employees were hacked and notified by Apple. In November, Apple sued NSO Group, saying the Israel-based company develops tools like Pegasus spyware to abuse and harm Apple users.

Apple said a small number of its users have been targeted by such attacks across 150 countries. The iPhone maker recently put in place a feature that notifies users who are the subject of state-sponsored cyberattacks. That notification system will be updated to inform those people about the new Lockdown Mode, Apple said.

Lockdown Mode will affect the Messages app, FaceTime, Apple online services, configuration profiles, the Safari web browser and wired connections.

With the tool in place, the Messages app will block attachments other than images and disable link previews. Those are two common mechanisms that hackers use to infiltrate devices remotely. The web browser, another frequent conduit for hackers, will also be severely limited, with restrictions on certain fonts, web languages and features involving reading PDFs and previewing content.

In FaceTime, users won’t be able to receive calls from an individual that they haven’t previously called within the preceding 30 days.

Lockdown mode can be turned on using a toggle at the bottom of the privacy menu within the settings app on Apple devices. During the set up, users will be warned that enabling the tool will mean the device “will not function as it typically does” and that “apps, websites, and features will be strictly limited for security and some experiences will be completely unavailable”, according to screenshots of the feature shared by Apple.

Alphabet Inc’s Google offers similar tools for high-profile users, warning them when they are targeted by state-sponsored hackers and promoting strong authentication techniques as a defensive measure.

Apple plans to release Lockdown Mode as part of the upcoming iOS 16, iPadOS 16 and macOS Ventura operating system updates in the next few months. It is also going into testing this week as part of the third beta for developers. The company didn’t say when versions of the feature may arrive on other Apple operating systems, including watchOS for the Apple Watch, but said it plans to add new protections in the future.

Other online services will also get changes in Lockdown Mode, but Apple didn’t specify the exact differences. Features like CarPlay that in some cases require a wired connection won’t work unless a user inputs their passcode, while new configuration profiles and device enrollments into enterprise management software also won’t work in this mode.

Apple also said it would pay researchers a security bounty of as much as US$2mil (RM8.85mil) if they find ways to bypass Lockdown Mode and help improve its protections. The company is also giving a US$10mil (RM44.26mil) grant to the Dignity and Justice Fund, established and advised by the Ford Foundation, to support the investigation and prevention of highly targeted cyberattacks. – Bloomberg

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!
   

Next In Tech News

Siemens investigating report employee worked for Russian hacking firm
AI generator Midjourney pauses service over deepfake ‘abuse’
Taiwan says US officials have visited to discuss concerns about chip subsidies
Users hit by multiple unauthorised transactions hope banks will expedite refunds
Hong Kong police seek HK$5.2bil for new 5G system to handle ‘massive’ data gathered by frontline officers
Man used hidden cam to secretly video victims in fitting room, US cops�say
AirTag locates stolen bag at US airport, suspect arrested
Slip, sliding away: Video of two men jumping into river to save runaway car in China delights mainland social media
Hyundai offers free steering locks to combat TikTok thefts
Tweeters, and celebs, await ‘blue tick’ ultimatum

Others Also Read