Posted on July 8, 2022 at 8:31 PM

Apple Beefs Up iPhone Security Against State-Backed Hackers With “Lockdown Mode”

Apple has announced a new Lockdown Mode on its iPhones to protect high-profile users from state-sponsored hacks. According to the tech giant, the new feature is designed to offer more protection to users such as activists and politicians.

The Lockdown Mode turns off several of the iPhone’s features to make it less exposed to threat actors using spyware to compromise devices. It blocks wired connections and prevents new configuration profiles from being installed. This prevents hackers from copying the data of the targeted device and shuts down incoming Apple service requests.

Lockdown Mode Disables Preview Features

The Lockdown Mode can be used to disable several preview features in iMessage. Additionally, it blocks wired connections, prevents the installation of new configuration profiles, and limits JavaScript on the Safari browser. The company already has a bounty program in place, but it is launching a unique one that promises a $2 million reward. According to the tech giant, the reward will be given to researchers that discover any vulnerability in the Lockdown Mode.

This comes months after there were speculations that threat actors can compromise the latest models of iPhones with “zero-click” attacks. This means that the attacks can be carried out even without the target clicking on any link.

Following the speculations, Apple has been called out to provide a tougher security measure for the new model phones to make them more difficult to hack. The iPhone maker has also received calls from governments to address the issue. In March, U.S. lawmakers made their intention about iPhone’s safety known when they pressed Apple about attack details. They wanted to know whether any of the phones have been reported compromised and how many of the devices have been discovered.

Lockdown Mode Designed To Repel State-Sponsored Hackers

Most threat actors are motivated due to the financial gains in their hacking activities, and most of the malware is designed to steal valuable information from the user. Although malware can come in various forms, the ultimate goal is to steal the target’s information and use the information against them. In some cases, the aim is to deceive the targets into handing over sensitive information like financial accounts.

 But state-backed hackers are more sophisticated and operate a meticulous activity. They succeed even in places with high-security protocols because of the high-tech gadgets they use for their operations.

These set of hackers that the Lockdown Mode is designed to protect against utilizing very expensive tools that are sold directly to sovereign governments or law enforcement agencies. Once they have the tools, they combine their skills to use unknown vulnerabilities to get inside the iPhone’s operating system.

After gaining a foothold, the threat actors can carry out a lot of activities including taking control of the phone’s camera and microphone. It can also be deployed to steal the user’s communications and browsing history.

Apple noted that the Lockdown Mode is designed for a small group of people who believe they are targets of state-sponsored hackers and require a more advanced security feature. These set of people also include business executives and journalists who can draw interest from governments. Hackers have also used spyware to target public officials, including Catalan separatist leaders in Spain and a French minister.

Pegasus Spyware Faces Backlash From Tech Companies

Apple’s head of security engineering and architecture, Ivan Krstic, stated that the new feature is designed for the small number of iPhone users who are targets of sophisticated threat attacks. He added that the majority of users would not be targets of such types of hackers.

The Pegasus spyware is one of the most notorious mercenary spyware for these sophisticated threat groups. It was developed by the NSO Group in Israel and has been used by several hackers.

Recently, Amnesty International and researchers at the University of Toronto discovered several versions of the spyware targeting iPhones. While the NSO Group keeps reiterating that the spyware is used by several government agencies, it has also been used widely by sophisticated hackers.

Last year, Apple sued the Group, complaining that it has malicious tendencies and has damaged its business and reputation. Meta, Facebook’s parent company, has also filed a case against NSO Group over the hacking attempts of WhatsApp using spyware. Last year, the NSA Group was blacklisted by the U.S. Commerce Department, which prevented US firms from partnering with the Group or using the spyware. The Group is also not a fan of big tech firms, who believe the existence of the spyware is a threat “secure status” of their devices.