Apple launches ‘lockdown mode’
Apple is rolling out a new “lockdown mode” setting to protect vulnerable users like journalists and political activists against high-powered hack attacks from spyware apps like NSO Group’s Pegasus, the Israeli-developed program that allows the user to covertly spy on a device’s owner through its camera, screen, and microphone.
The new setting will come with iOS 16, which will be released in the fall, the company announced on Wednesday, explaining the new setting was intended for users facing “grave, targeted threats to their digital security.” It will also be included with iPadOS 16 and macOS Ventura.
Lockdown mode will block most message attachments and block incoming FaceTime calls from users the device owner has not previously contacted. It will also prevent access to an iPhone when connected to a computer or accessory if the phone is in a locked state.
The NSO Group insists it only sells its spyware to governments who plan to use it to track terrorists and other criminals and claim it rigorously vets customers' human rights records before letting them use the app. However, Pegasus was exposed to have infiltrated hundreds of journalists and political activists’ phones and is believed to have been used to target tens of thousands more, according to a recent investigation.
Many countries’ governments have been accused of deploying it against political opposition. While Apple has not revealed how many iPhone users have been attacked via Pegasus or copycat programs, it is suing the company in the US.
The tech giant expects the mode to be used by a “very small number of users.” It would include only those at risk of targeting by the “most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware.” Meanwhile, it has offered a reward of $2 million to anyone who can find a way to circumvent the new protections.
Pegasus can infect a phone through “zero-click” attacks which do not require the user to download an attachment or otherwise interact with the hacker. While earlier versions of the spyware required a user to click on a link in a text or email, more recent versions of the spyware exploit security flaws in a device’s OS, meaning the responsibility is on Apple (or Google, in the case of Android phones) to ensure users are safe.
Determining whether a phone has been infected by Pegasus is all but impossible for the average user, as the app hides itself in the root of the OS and self-destructs if it is unable to “phone home” for a certain amount of time.