In an effort to make it more difficult for mercenary spyware companies like Pegasus producer NSO Labs to target and hack iPhone users, Apple has revealed a significant upgrade to the security of the device. This followed the discovery of zero-day vulnerabilities by many private cyber offensive firms, which then let their clients — often government agencies and authorities — to break into the computers of journalists, activists, dissidents, etc.
By restricting the features of the smartphone that may possibly be accessible by surveillance software, the “Lockdown Mode” feature, which will be available later this year for iPhones, iPads, and Mac computers, will lower the attack surface for hackers on these devices.
The majority of message attachment types will be blocked, complex web technologies like some JavaScript compilations will be disabled, incoming invitations and service requests for Apple services like FaceTime will be blocked, wired connections between an iPhone and a computer will be blocked, and so on. Apple said that it will keep adding further safeguards to Lockdown Mode in the future.
To “help safeguard customers who may be individually targeted by some of the most sophisticated digital threats, such as those from private organisations building state-sponsored mercenary malware,” Apple explained these activities in a blog post. Following the exposure of multiple such spyware companies for breaking into iPhone and Android devices over the past several years, the statement was made.
In July 2021, a worldwide coalition of media outlets reported that many governments had employed spyware to eavesdrop on political opponents, journalists, businesspeople, etc. Rahul Gandhi, the leader of the Congress, Prashant Kishor, the current Information and Technology Minister Ashwini Vaishnaw (who wasn’t the minister at the time), the then-Election Commissioner Ashok Lavasa, and a number of other well-known individuals were listed as potential targets in the Indian leg of the investigation. The list included information on about 40 journalists.
Apple also disclosed a $10 million grant for organisations that investigate, expose, and prevent highly targeted cyberattacks, including those produced by private companies creating state-sponsored mercenary spyware, in addition to the Lockdown Mode and any damages awarded from the lawsuit brought against NSO Group.
The grant will go to the Ford Foundation-founded Dignity and Justice Fund, which will be advised by it and expected to issue its first grants in late 2022 or early 2023. It will first provide funding for strategies that aim to safeguard potential targets and reveal mercenary malware.