This story is part of Focal Point iPhone 2022, CNET’s collection of news, tips and advice around Apple’s most popular product.
Apple is developing a new “Lockdown Mode” for its iPhones, iPads and Mac computers. It’s designed to fight industrial-strength hacking like the NSO Group’s Pegasus.
Why it matters
Though these attacks happen to a small group of people, the threat is growing. Pegasus was used by to spy on human rights activists, lawyers, politicians and journalists around the world. Apple says it’s identified similar attacks on people in 150 countries over the past eight months.
Apple will release Lockdown Mode for free later this year and says it’s planning regular updates and improvements. The company has also expanded its bug bounties and established a grant to encourage further research toward this issue.
Apple for years has marketed its iPhones, iPads and Mac computers as the most secure and privacy-focused devices on the market. Last week, it bolstered that effort with a new feature coming this fall called Lockdown Mode, designed to fight targeted hacking attempts such as the Pegasus malware, which some governments reportedly used on human rights workers, lawyers, politicians and journalists around the world. Apple also announced a $10 million grant and up to $2 million bug bounty to encourage further research into this growing threat.
The tech giant said that Lockdown Mode is designed to activate “extreme” protections to its phones, such as blocking attachments and link previews in messages, potentially hackable web browsing technologies, and incoming FaceTime calls from unknown numbers. Apple devices will also not accept accessory connections unless the device is unlocked, and people can’t install new remote management software on the devices while they’re in Lockdown Mode as well. The new feature is already available in test software being used by developers this summer and will be released for free publicly in the fall as part of iOS 16, iPadOS 16 and MacOS Ventura. Here’s how to use Apple’s Lockdown mode on an iPhone.
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, Apple’s head of security engineering and architecture, in a statement. “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks.”
Apple designed Lockdown Mode to be easy to turn on, through the settings app on its devices.
Along with the new Lockdown Mode, which Apple calls an “extreme” measure, the company announced a $10 million grant to the Dignity and Justice Fund, which was established by the Ford Foundation, to help support human rights and fight social repression.
The company’s efforts to enhance its device security comes at a time when the tech industry is increasingly confronting targeted cyberattacks from oppressive governments around the world. Unlike widespread ransomware or virus campaigns, which are often designed to indiscriminately spread furthest and quickest through homes and corporate networks, attacks like those using Pegasus are designed for quiet intelligence gathering.
Read more: Why Apple’s developing a new level of security for your iPhone
People have to restart their devices before Lockdown Mode will turn on.
Last September, Apple sent out a free software update that addressed Pegasus, and then it sued NSO Group in an effort to stop the company from developing or selling any more hacking tools. It also began sending “Threat Notifications” to potential victims of these hacking tools, which Apple calls “mercenary spyware.” The company said that while the number of people targeted in these campaigns is very small, it’s notified people in about 150 countries since November.
Other tech companies have also expanded their approach to security in recent years. Google has an initiative called Advanced Account Protection, designed for “anyone who is at an elevated risk of targeted online attacks” by adding extra layers of safety to logins and downloads. Microsoft has been increasingly working to dump passwords.
Apple said it plans to expand Lockdown Mode over time, and announced a bug bounty of up to $2 million for people who find security holes in the new feature. For now, it’s designed primarily to disable computer features that may be helpful but that open people to potential attacks. That includes turning off some fonts, link previews and incoming FaceTime calls from unknown accounts.
Read more: How to Use Apple’s Lockdown Mode to Guard Against an Industrial-Strength iPhone Hack
Apple representatives said the company sought to find a balance between usability and extreme protections, adding that the company is publicly committing to strengthening and improving the feature. In the most recent iteration of Lockdown Mode, which is being sent to developers in an upcoming test software update, apps that display webpages will follow the same restrictions that Apple’s apps follow, though people can preapprove some websites to circumvent Lockdown Mode if needed. People in Lockdown Mode will also have to unlock their device before it’ll connect with accessories.
Encouraging more research
In addition, Apple said it hopes a planned $10 million grant to the Dignity and Justice Fund will help encourage more research on these issues and expand training and security audits for people who might be targeted.
“Every day we see these threats broadening and deepening,” said Lori McGlinchey, director of the Ford Foundation’s Technology and Society program, who is working with technical advisers including Apple’s Krstić to help direct the fund. “In recent years, state and non-state actors have used spyware to track and intimidate human rights defenders, environmental activists and political dissidents in virtually every region of the world.”
Ron Deibert, a professor of political science and director of the Citizen Lab cybersecurity researchers at the Munk School of Global Affairs and Public Policy at the University of Toronto, said he expects Apple’s Lockdown Mode will be a “major blow” to spyware companies and the governments who rely on their products.”
“We’re doing all we can, alongside a number of investigative journalists working this beat, but that’s been it, and that’s a huge asymmetry,” he said, adding that Apple’s $10 million grant will help attract more work toward this issue. “You have an enormous industry that’s very lucrative and almost entirely unregulated, profiting from huge contracts from governments that have an appetite to engage in this type of espionage.”