informa
2 min read
article

Apple Debuts Spyware Protection for State-Sponsored Cyberattacks

Apple's new Lockdown Mode protects devices targeted by sophisticated state-sponsored mercenary spyware attacks.

Apple today announced a new feature called Lockdown Mode that automatically locks down any system functionality that could be hijacked by even the most sophisticated, state-sponsored mercenary spyware to compromise a user device.

While Apple acknowledged in its statement announcing the initiative that the number of users who might need Lockdown Mode is small, protecting those who face grave cybersecurity threats is worth the effort, the company says.

"While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are," Ivan Krstić, Apple's head of security engineering and architecture, said about the new Lockdown Mode function. "That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks."

Apple's Lockdown Mode will be available this fall with iOS 16, iPadOS 16, and macOS Ventura. When launched, Lockdown Mode will:

  • Block message attachment types other than images, and disable some features like link previews
  • Disable just-in-time JavaScript compilation unless the user specifically excludes a trusted site from restriction
  • Block incoming invitations, service requests, and FaceTime calls unless the user previously contacted the sender
  • Block wired connections with a computer or accessory when the iPhone is locked
  • Block the installation of configuration profiles and the device's enrollment in mobile device management (MDM)

Along with Apple's announcement of the new Lockdown Mode, the company said it would provide a $10 million cybersecurity grant to researchers working on ways to prevent these targeted attacks and offer a $2 million bug bounty for finding flaws in Lockdown Mode's protections.