Apple is previewing Lockdown Mode, a new security capability arriving this fall with its next slate of operating systems. The mode is designed to harden device defenses by severely limiting functionality that sophisticated spyware, such as the products sold by NSO Group and other private spyware vendors, could otherwise exploit.
According to Apple, Lockdown Mode is intended to help protect iOS 16, iPadOS 16, and macOS Ventura users who may be personally targeted by sophisticated mobile spyware. It is an extreme, optional layer of security meant for the small number of high-profile users who may be targets of nation-state attacks.
In Messages, most message attachment types other than images will be blocked, and some other features, such as link previews, will also be disabled.
Lockdown Mode will also limit web browsing and disable certain web technologies such as just-in-time (JIT) JavaScript compilation. Users can exclude a trusted site from Lockdown Mode.
Also blocked are some incoming Apple services, including FaceTime, unless the user has previously sent the initiator a call or request. In addition, wired connections with a computer or accessory will be blocked in Lockdown Mode.
Lockdown Mode will also prevent configuration profiles from being installed, and the device will be unable to be enrolled into mobile device management (MDM) while Lockdown Mode is on.
According to Apple, the company will continue to strengthen Lockdown Mode and add new protections over time and is enlisting the help of ethical hackers through its Apple Security Bounty program to identify weaknesses in the new security feature.
Bounties will be doubled for qualifying findings in Lockdown Mode, with the $2 million maximum payout the highest in the industry, Apple says.
In addition to Lockdown Mode, Apple says it is making a $10 million grant to support organizations that investigate, expose and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware.
The grant—made to the Dignity and Justice Fund—will be in addition to any damages awarded from the lawsuit Apple filed against NSO Group in November 2021 for targeting Apple users with its Pegasus spyware, which has been used by nation states to spy on iOS and Android users, including journalists, activists, dissidents, academics and government officials.
According to Apple, nation states have been able to use Pegasus to access the microphone, camera and other sensitive data on Apple and Android devices after first creating Apple IDs to send malicious data to a victim’s device and install Pegasus.
The Dignity and Justice Fund, established and advised by the Ford Foundation and sponsored by the New Venture Fund, will make its first grants later this year or early 2023 to help expose mercenary spyware and protect potential targets.
The fund will initially focus on supporting the development of forensic methods to detect spyware, enabling partnerships between civil society and the technology industry to identify and fix vulnerabilities, raising awareness of mercenary spyware, and helping human rights groups defend against it.