Apple will release a new feature for iPhone, iPad, and Mac operating software designed to protect high-risk users from sophisticated spyware that is linked to human rights abuses.
The new feature — Lockdown Mode — will allow anyone to effectively cordon off parts of their iPhone and other Apple devices from attacks, including unsolicited FaceTime calls and email attachments with the flick of a button.
It is one of the biggest steps by a major tech company to combat the spyware industry, whose tools can break into devices without requiring the victim to click on anything.
Apple’s head of Security Engineering and Architecture Ivan Krstić said in a statement: “Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defences specifically for these users, as well as supporting researchers and organisations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”
Apple announcement of the Lockdown Mode is an acknowledgement that it had failed to shield products against intrusions from state-backed hackers. Governments have used spyware to keep a tab on huma rights activists, journalists, and opposition leaders. Apple users recently faced a plethora of security breaches, most attributed to the Israel-based NSO Group.
Apple also accepts that spyware makers would likely try to find ways of circumventing the Lockdown Mode. Accounting for that, Apple has announced that it would pay up to $2 million to security researchers who report vulnerabilities in the feature.
The Lockdown Mode, however, comes with some tradeoffs. Device owners will not be able to use certain features such as physically connecting to other computers when the device is on the lockscreen or enrol in mobile device management programme that some employers use for work phones.
There are over a billion iPhones across the world — the new feature is meant for a small fraction of users who have been targeted by spyware. Apple did not specify the number of customers who had been targeted by spyware. However, it said it had notified customers in 150 countries that they might have been targeted.
At launch, the Lockdown Mode will include the following protections:
Messages: Lockdown Mode will block most message attachment types other than images. It will disable some features, like link previews.
Apple services: Incoming invitations and service requests, including FaceTime calls, will be blocked if the user has not sent the initiator a call or request previously.
Wired connections with a computer are blocked when the iPhone is locked.
Configuration profiles cannot be installed and the device cannot enrol into mobile device management when Lockdown Mode is on.