15.1 C
London
Wednesday, October 5, 2022

Apple’s Lockdown Mode Targets NSO Pegasus Spyware

Must read

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...

The Antler Investor Memo: Wellbase Keeps Employees Healthy and Happy

Early stage investment firm Antler Australia recently supported 13 startups as part of its ongoing program to build great local tech companies. For...

Elon’s biggest Twitter question about free speech is in the courts, not the platform

In April, Elon Musk wanted to buy Twitter to save free speech. Now he's apparently buying Twitter again, and it raises questions about...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

The spyware, called Pegasus, is complex. Basically, it works by taking advantage of zero-day, zero-click exploits on iPhones and Android phones. Zero-day exploits are exploits not yet known to the phone manufacturers and can often be installed remotely on a target’s phone via a simple text message or other link sent, no user interaction required (i.e. “zero-click” ). Once Pegasus is installed, virtually anything a target does on the phone can be accessed and controlled by the NSO client targeting the user.

NSO’s Pegasus spyware is called a threat to democracy. Its use in addressing journalists and human rights activists is one of the reasons Apple has filed a lawsuit against the company to ban it from using Apple’s products and services. That would make it much harder for NSO to find zero-day exploits on Apple devices.

But Apple doesn’t rely solely on the courts to fight NSO Group, Pegasus and spyware makers around the world. The company has announced that it will soon be launching a new feature on its iPhones, iPads and Macs called “Lockdown Mode”.

This feature, which will be released this fall as part of iOS 16, iPadOS 16, and macOS Ventura, is what Apple calls an “extreme” solution for those who may be targeted by Pegasus and other highly sophisticated spyware. You can see why Apple thinks Lockdown Mode is extreme: when users activate it, many of their iPhone’s features will be rendered useless.

Here’s how it works: If users think they’re at risk from a spyware attack or are warned that they’re the victim of a spyware attack (something Apple has been doing since November 2021), they can quickly turn on Lockdown Mode , which is located in the Privacy & Security of the Settings app. Once users select Lockdown mode, their iPhone, iPad, or Mac will reboot and the following features will not be available:

  • All message attachments in the Messages app, except photos, from all senders
  • FaceTime Calls From People You Haven’t FaceTimed Before
  • Several web browser technologies have been blocked, including advanced technologies such as just-in-time (JIT) JavaScript compilation
  • Shared photo albums and new requests for shared albums in the Photos app
  • Wired connections from an iPhone to another device (using a USB cable), when the iPhone is locked
  • Invitations in Apple Services from people you haven’t interacted with before
  • Configuration profiles, such as those used by VPNs or school networks

What these blocked features have in common is that they are often the vectors that deliver zero-day, zero-click exploits.

Fortunately, most Apple users never have to worry about Lockdown Mode: most people probably won’t be the target of highly complex spyware, such as Pegasus. However, for those at risk, Lockdown Mode should be a huge boon as it quickly locks down all known spyware access paths to an iPhone.

[Photo: Apple]

Problems in sight

In the coming years, the worldwide use of spyware by military or mercenaries is only expected to increase, endangering the safety or even the lives of thousands of journalists and human rights defenders. Apple says it has already detected spyware use against its users from 151 countries around the world. However, the company declined to reveal how many users were targeted, citing the ongoing lawsuit against the NSO Group.

On a positive note, Apple says that Lockdown Mode in its current form would have successfully thwarted all past attempts at Pegasus spyware attacks, based on all currently known exploit vectors. Still, Apple recognizes that the fight against spyware is a cat-and-mouse game. That’s why Lockdown Mode is extensible: if new exploits are detected in the future, Apple will tweak the feature to combat them.

Lockdown Mode is available in the current developer betas of iOS 16, iPadOS 16, and MacOS Ventura and will ship to all users this fall with the public release of those operating systems. Ivan Krstić, Apple’s chief of security engineering and architecture, announced the feature: “Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks. Although the vast majority of users will never fall victim to highly targeted cyberattacks, we will work tirelessly to protect the small number of users that are.”

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...

The Antler Investor Memo: Wellbase Keeps Employees Healthy and Happy

Early stage investment firm Antler Australia recently supported 13 startups as part of its ongoing program to build great local tech companies. For...

Elon’s biggest Twitter question about free speech is in the courts, not the platform

In April, Elon Musk wanted to buy Twitter to save free speech. Now he's apparently buying Twitter again, and it raises questions about...

More private sector jobs have been added than expected

The labor market is shifting. SOPA images | Getty Images ADP is a payroll and HR company. Amid fears of a recession, layoffs and cuts, and...