Apple Announces New iPhone Lock Mode to Fight Hacking

For years, Apple has marketed its iPhones, iPads, and Macs as the most secure and privacy-focused devices on the market. On Wednesday, it bolstered that effort with a new feature coming this fall called Lockdown Mode, designed to combat targeted hacking attempts like the Pegasus Malwarethat oppressive governments allegedly used on human rights defenders, lawyers, politicians and journalists. He also announced a $10 million grant and up to $2 million in bug bounties to encourage further research into these threats.

The tech giant said lockdown mode is designed to add additional protections to its phones, such as blocking attachments and link previews in messages, potentially hackable web browsing technologies and incoming FaceTime calls. from unknown numbers. Apple devices also won’t accept accessory connections unless the device is unlocked, and users can’t install new remote management software on devices when they’re also in locked mode. The new feature will be available for test software currently in development. used by developers this summer and released free to the public in the fall.

“While the vast majority of users will never fall victim to highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstic, head of engineering and security architecture at Apple, in a statement. “Lockdown Mode is a revolutionary capability that reflects our unwavering commitment to protecting users from the rarest and most sophisticated attacks.”

Along with the new lockdown mode, which Apple calls an “extreme” measure, the company announced a $10 million grant to the Dignity and Justice Fund, which was established by the Ford Foundation, to help support people’s rights. man and to fight against social repression.

The company’s efforts to improve the security of its devices come at a time when the tech industry is increasingly facing targeted cyberattacks from oppressive governments around the world. Unlike generalized ransomware or virus campaigns, which are often designed to spread indiscriminately farthest and fastest through homes and corporate networks, attacks like those using Pegasus are designed for silent intelligence gathering. .

Last September, Apple sent out a free software update that addressed to Pegasusand then he sued the NSO Group in order to prevent the company from developing or selling other hacking tools. It has also started sending “threat notifications” to potential victims of these hacking tools, which Apple calls “mercenary spyware.” The company said that although the number of people targeted in these campaigns is very small, it has notified people in about 150 countries since November.

Other tech companies have also broadened their approach to security in recent years. Google has an initiative called Advanced Account Protection, designed for “anyone at high risk of targeted online attacks” by adding additional layers of security to connections and downloads. Microsoft has been increasingly work to dump passwords.

Apple said it plans to expand lockdown mode over time and announced a bug bounty up to $2 million for people who find security flaws in the new feature. For now, it’s primarily designed to disable computer features that may be useful but open people up to potential attacks. This includes disabling certain fonts, link previews, and incoming FaceTime calls from unknown accounts.

Apple representatives said the company is looking to strike a balance between usability and extreme protections, adding that the company is publicly committed to strengthening and improving functionality. In the most recent version of lockdown mode, which is sent to developers in a next test software update, apps that display web pages will follow the same restrictions as Apple’s apps, although users can pre-approve certain websites to bypass lockdown mode if needed. People in lock mode will also need to unlock their device before it connects to accessories.

Encourage more research

Additionally, Apple said it hopes a planned $10 million grant to the Dignity and Justice Fund will help encourage more research into these issues and expand training and safety audits for people. likely to be targeted.

“Every day we see these threats widen and deepen,” said Lori McGlinchey, director of the Ford Foundation’s Technology and Society program, which works with technical advisers, including Apple’s Krstić, to help lead the bottom. “In recent years, state and non-state actors have used spyware to track and intimidate human rights defenders, environmental activists and political dissidents in virtually every region of the world.”

Ron Deibert, professor of political science and director of Citizen Lab cybersecurity researchers at the University of Toronto’s Munk School of Global Affairs and Public Policy, said he expects lockdown mode to Apple is a “crushing blow” to spyware companies and governments that rely on their products. “

“We’re doing everything we can, alongside a number of investigative journalists working on that beat, but that’s it, and that’s a huge asymmetry,” he said, adding that Apple’s $10 million grant will help attract more work on this issue. “You have a huge industry that is very lucrative and almost entirely unregulated, enjoying huge contracts with governments that are keen to engage in this type of espionage.”