Quick News Bit

Apple to tackle the cybersurveillance industry with new Lockdown mode

0

The optional feature will be launched next fall to protect users who are particularly at risk of being targeted by advanced cyberattacks.

Woman hand holding iPhone 11 with Pin code on screen
Image: DenPhoto/Adobe Stock

Apple has announced an expansion to its security arsenal with a new feature called Lockdown Mode, which will be introduced officially this fall with iOS 16, iPadOS 16 and macOS Ventura.

This optional feature will be of particular interest for individuals who might be at higher risk than the average user of a cybersecurity attack.

SEE: Mobile device security policy (TechRepublic Premium)

What exactly is the Lockdown Mode feature?

Lockdown Mode will provide an extreme, optional level of security for users who activate it. It will harden device defenses and strictly limit certain functionalities in order to strongly decrease the attack surface of the device and increase its protection against mercenary spyware (Figure A).

Figure A

Image: Apple. Lockdown Mode ready to be activated on an iPhone.

Two different kinds of attackers can be stopped with Lockdown Mode: Real spyware providers and hackers-for-hire. The latter tend to use less advanced techniques to try to compromise Apple’s devices but still represent a threat, while the professional companies active in the cybersurveillance business have more skills and capabilities for advanced attacks.

Once launched, the Lockdown mode will restrict devices in the following categories:

Messages

Most message attachment types other than images will be blocked. Link previews, amongst other features, will also be disabled. The idea here is to avoid having the user unsuspectingly open a file that could infect the device with malware.

Web browsing

Certain complex web technologies (e.g. just-in-time JavaScript compilation) will be disabled unless the user excludes a trusted site from Lockdown Mode.

Apple services

Incoming invitations and services requests will be blocked if the user has not previously sent a call or request to the initiator. This way, the user can not be targeted via an unknown source of call or request.

Connections

Wired connections with a computer or accessory will be blocked when the iPhone is locked. This will prevent physical exploits that an attacker could use to attempt to take control of the device via network or device communication capabilities.

Configuration

Configuration profiles will not be installed, and the device will not be able to enroll into mobile device management while Lockdown is turned on.

Apple also mentions they will continue adding new protections to the Lockdown Mode over time. A new Apple Security Bounty program has also been launched for the security research community to reward people who would find ways to bypass the Lockdown Mode and help improve its protections, up to a maximum of $2 million.

“Apple makes the most secure mobile devices on the market,” said Ivan Krstić, Apple’s head of security engineering and architecture. “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”

Who should use Lockdown mode?

According to Apple, the feature has really been developed with the idea of protecting “the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from the NSO Group and other private companies developing state-sponsored mercenary spyware.”

Over the last two years, reports around the business of spyware and the companies behind it have increased greatly. The business of cybersurveillance or surveillance-for-hire, a polite way to refer to spying, is now extremely monitored and tracked by some of the major companies on the Internet like Meta and Google.

Helping research organizations

In addition to the announced release of Lockdown Mode, Apple also announced a $10 million USD grant to “support organizations that investigate, expose and prevent highly targeted cyberattacks.”

The grant will be made to the Dignity and Justice Fund, established and advised by the Ford Foundation — a private foundation dedicated to advancing equity worldwide — and designed to pool philanthropic resources to advance social justice globally. The Dignity and Justice Fund is a fiscally sponsored project of the New Venture Fund, a 501(c)(3) public charity.

Disclosure: I work for Trend Micro, but the views expressed in this article are mine.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment