Apple CEO Tim Cook delivers a keynote during the European Union’s privacy conference at the EU Parliament in Brussels, Belgium October 24, 2018.
Yves Herman | Reuters
Apple announced a new feature for iPhones called Lockdown Mode on Wednesday to protect high-profile users such as politicians and activists against state-sponsored hackers.
Lockdown Mode turns off several features on the iPhone in order to make it less vulnerable to spyware by significantly reducing the number of features that attackers can access and potentially hack.
The tech giant will pay up to $2 million to researchers who find a security flaw in Lockdown Mode.
The announcement comes months after revelations that state-sponsored hackers had the ability to hack recent-model iPhones with “zero-click” attacks distributed through text messages. These attacks can be successful even if the victim doesn’t click on a link.
The iPhone maker has faced increasing calls from governments to address the issue. In March, U.S. lawmakers pressed Apple about attack details, including whether it could detect them, how many had been discovered and when and where they occurred.
Most hackers are financially motivated and most malware is designed to make a user give up valuable information like a password or give the attacker access to financial accounts.
But the state-sponsored attacks that Lockdown Mode are targeting are different: They employ very expensive tools sold directly to law enforcement agencies or sovereign governments, and use undiscovered bugs to gain a foothold into the iPhone’s operating system. From there, the attackers can do things like control its microphone and camera, and steal the user’s browsing and communications history.
Lockdown Mode is intended for the small number of people who think they may be targeted by a state-sponsored hacker and need an extreme level of security. Victims targeted by military-grade spyware include journalists, human rights activists and business executives, according to The Washington Post. Spyware also has allegedly been used to target public officials, including a French minister and Catalan separatist leaders in Spain.
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Ivan Krstić, Apple’s head of security engineering and architecture, said in a statement.
There are several types of mercenary spyware, but the best-known version is Pegasus, which was developed by NSO Group in Israel. Recently, researchers at the University of Toronto and Amnesty International have discovered and documented versions of this kind of spyware targeting iPhones.
NSO Group has previously said that its technology is used lawfully by governments to fight pedophiles and terrorists.
NSO Group is disliked by big tech companies, especially Apple, which markets its devices as more secure than the competition. Apple sued NSO Group last year, saying that it is malicious and that it damaged Apple’s business. Facebook parent Meta is also suing NSO Group over its alleged efforts to hack WhatsApp.
Last November, the U.S. Commerce Department blacklisted NSO Group, preventing U.S. companies from working with it, one of the strongest measures the U.S. government can take to strike at foreign companies.
Apple says the vast majority of the 1 billion iPhone users will never be targeted. Mercenary spyware like Pegasus can cost hundreds of millions of dollars, Apple says, so the tools are valuable and are only used to target a small number of users. Once new versions of spyware are discovered, Apple patches the bugs that they use, making the original exploits ineffective and forcing vendors like NSO Group to reconfigure how their tools work.
Lockdown Mode will not be on by default, but can be turned on from inside the iPhone’s settings with a single tap, Apple said. It will also be available for iPads and Macs.
The new feature will be available for testing on a beta version of iOS this week before its planned wide release in the fall.
Read the full article here