Apple to offer $2 million reward to hackers who successfully bypass iOS 16’s Lockdown Mode

Designed to protect high-risk people from cyberattacks

Apple will offer a $2 million reward, the highest bounty amount in the industry, to hackers who successfully bypass iOS 16 Lockdown Mode. Lockdown Mode is a defensive mode for those at high risk of cyberattacks (world leaders, celebrities, lobbyists, journalists, activists, etc.) that allows them to stay in communication while limiting the risk of being hacked. When it is enabled, the device will, for example, block most attachments in messages and disable link previews. The same goes for shared albums in Photos. In addition to blocking message attachments, enabling Lockdown Mode blocks invitations and FaceTime calls from unknown senders. The mode also disables some web browsing technologies that are enabled by default, and it blocks wired connections to computers and other accessories while the device is locked.

Apple officially announced the new feature, called Lockdown Mode, during the 2022 edition of WWDC, its conference dedicated to developers, which was held this year from June 6 to 10. The feature ships with iOS 16, iPadOS 16 and macOS Ventura and is specifically designed to thwart targeted cyberattacks.

The stated objective is to counter the sharp increase in threats from spyware developed by private companies, and sometimes by state-sponsored groups, such as Pegasus. Users can activate this new mode themselves if they suspect they are being targeted.

“Lockdown Mode is a capability that reflects our unwavering commitment to protecting users against the rarest and most sophisticated attacks,” said Ivan Krstić, head of security engineering and architecture at Apple. “While the vast majority of users will never fall victim to highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. This includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world who are doing critically important work to expose the corporate mercenaries who create these digital attacks.”

Lockdown Mode provides an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies that develop state-sponsored mercenary spyware. Enabling Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura hardens device defenses and severely limits certain features, significantly reducing the attack surface that could potentially be exploited by highly targeted mercenary spyware.

The mobile spyware known as “Pegasus” has been found in more than 50 countries around the world. According to reports, the number of people monitored by this malware could be as high as 50,000. Once Pegasus is deployed on a phone, it can extract text messages, photos and emails, record calls, and remotely turn on the phone’s microphone and camera without the user’s knowledge. This poses a serious threat to users’ privacy. Pegasus is developed by the Israeli surveillance software company NSO Group and has been used to spy on influential people such as journalists, lawyers and politicians. NSO Group has been sued by Apple and blacklisted by US officials.

The murder of 59-year-old Washington Post columnist Jamal Khashoggi at the Saudi consulate in Istanbul in 2018 is worth remembering. According to US digital forensic analysis, UAE intelligence agencies installed Pegasus spyware on the journalist’s fiancée’s phone months before she died.

At launch, Lockdown Mode includes the following protections:

  • Messages: most types of message attachments other than images are blocked. Some features, such as link previews, are disabled.
  • Web browsing: some complex web technologies, such as just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services: incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent a call or request to the initiator.
  • Wired connections to a computer or accessory are blocked when the iPhone is locked.
  • Configuration profiles cannot be installed, and the device cannot enroll in mobile device management (MDM), while Lockdown Mode is enabled.

The new feature will be available for developer testing this summer, with an official release slated for the fall.

The $2 million reward

To invite feedback and collaboration from the security research community, Apple has also created a new category within the Apple Security Bounty program to reward researchers who find bypasses of Lockdown Mode and help improve its protections. Bounties are doubled for qualifying discoveries in Lockdown Mode, up to a maximum of $2,000,000 – the highest maximum bounty payout in the industry.

Apple is also awarding a $10 million grant, in addition to any damages awarded in its lawsuit against NSO Group, to support organizations that investigate, expose and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware. The grant will go to the Dignity and Justice Fund, created and advised by the Ford Foundation – a private foundation dedicated to promoting global equity – and designed to pool philanthropic resources to advance social justice around the world. The Dignity and Justice Fund is a project funded by the New Venture Fund, a 501(c)(3) public charity.

“The global spyware trade targets human rights defenders, journalists and dissidents; it facilitates violence, reinforces authoritarianism and supports political repression,” said Lori McGlinchey, director of the Ford Foundation’s Technology and Society program. “The Ford Foundation is proud to support this extraordinary initiative to strengthen research and civil society advocacy to resist mercenary spyware. We must build on Apple’s commitment, and we invite corporations and donors to join the Dignity and Justice Fund and contribute additional resources to this collective fight.”

The Dignity and Justice Fund plans to award its first grants in late 2022 or early 2023, initially funding approaches to help expose mercenary spyware and protect potential targets that include:

  • Build organizational capacity and increase on-the-ground coordination of new and existing civil society cybersecurity research and advocacy groups.
  • Support the development of standardized digital analysis methods to detect and confirm spyware infiltration that meet evidentiary standards.
  • Enable civil society to partner more effectively with device manufacturers, software developers, commercial security firms and other relevant businesses to identify and address vulnerabilities.
  • Educate investors, journalists and policy makers about the global mercenary spyware industry.
  • Strengthen the ability of human rights defenders to identify and respond to spyware attacks, including security audits for organizations facing increased threats on their networks.

“There is now overwhelming evidence from research by Citizen Lab and other organizations that the mercenary surveillance industry is facilitating the spread of authoritarian practices and massive human rights abuses around the world,” said Ron Deibert, director of the Citizen Lab, a research group at the University of Toronto. “I commend Apple for creating this important grant, which will send a strong message and help nurture independent researchers and advocacy organizations holding mercenary spyware vendors accountable for the harm they inflict on innocent people.”

Source: Apple

And you?

What do you think of Apple’s cybersecurity strategy?
Would its Lockdown Mode bounty program benefit from being extended to the other platforms that have this mode (iPadOS 16 and macOS Ventura), or does the focus on iOS 16 seem more relevant to you at the moment?
Are you for or against the existence of companies like NSO Group, which offer law enforcement access to their targets’ phones? Why?
