Apple announced Lockdown mode to prevent spyware attacks | WeLiveSecurity

Apple announced Lockdown mode to prevent spyware attacks |  WeLiveSecurity

Apple will introduce a new security feature in iOS, iPadOS and macOS to protect users from specially targeted attacks by spyware like Pegasus.

Apple plans to add a new security feature to protect users against targeted spyware attacks launched by private companies or government agencies. Like, for example, the attacks with the popular Pegasus spyware, created by the NSO Group as a tool for investigating crime and terrorism, but which has been in the eye of the storm on several occasions due to its use in different countries of the world against journalists, diplomats, human rights defenders and other dissidents.

This feature, called Lockdown Mode, limits the device’s defense mechanisms and restricts certain features to reduce the exploitable attack surface in this type of attack. This tool “offers an extreme level of security to a small number of users who, because of their identity or the activity they carry out, can be the target of the most sophisticated attacks, such as those using spy tools designed by NSO Group or other private companies for governments,” Apple said in a statement.

The launch of this new tool will take place from the last quarter of 2022 and will be available on iOS 16, iPad16 and macOS Ventura.

Once Lockdown mode is executed, here is what happens:

  • Messages with any type of attachments other than images are blocked, and the ability to preview links, among other features, is disabled.
  • When using web browsers, certain technologies are disabled, such as Just In Time (JIT) compilation for languages ​​such as JavaScript, although the user can whitelist trusted sites.
  • Requests sent through certain Apple services, such as Facetime calls, are blocked unless the user has already tried to communicate or sent a request to the caller.
  • When iPhone is locked, all wireless connection with any device is blocked.
  • Configuration profiles cannot be installed and mobile device management (MDM) cannot be used.

New security feature called Lockdown. Source: Apple

Separately, Apple has announced that it will incorporate into its Bug Bounty program the ability for researchers to report vulnerabilities to circumvent or improve this new security feature, with rewards of up to $2 million.

It should be mentioned that this announcement from Apple comes after the company in 2021 accused the Israeli group NSO, developer of the Pegasus spyware for Android and iOS, for its use on high-level users, such as diplomats, academics, journalists and dissident figures in different countries around the world.

Likewise, Pegasus is not the only software accused of being used for spying purposes by government agencies and other types of actors. There are other groups, such as Candiru, that sell these kinds of spyware-like tools and we’ve seen them used in attacks in the Middle East before.

#Apple #announced #Lockdown #mode #prevent #spyware #attacks #WeLiveSecurity

Leave a Comment