This story is part of Focal Point iPhone 2022, CNET’s collection of news, tips, and advice on Apple’s most popular product.
What is happening
Apple will offer a new “Lock Mode” for its iPhone, iPad and Mac computers. It is designed to combat advanced piracy and spyware targeted as the Pegasus of the NSO group.
Why it matters
Although these attacks happen to a small group of people, the threat increases. Pegasus was used by repressive governments to spy on human rights activists, lawyers, politicians and journalists. Apple says it has identified similar attacks on people in 150 countries over the past eight months.
That follows
Apple will release the lock mode for free later this year and is publicly committed to regular updates and improvements. The company has also expanded its error rewards and established a grant to encourage further research on this issue.
Apple has been marketing its iPhones, iPads and Macs for years as the most secure and privacy-focused devices on the market. On Wednesday, he bolstered that effort with a new feature coming this fall called Lock Mode, designed to fight targeted piracy attempts like Pegasus malware, which oppressive governments used on human rights workers, lawyers, politicians and journalists. Apple also announced a $ 10 million grant and an error reward of up to $ 2 million to encourage further research into this growing threat.
The tech giant said the lock mode is designed to enable “extreme” protections on its phones, such as blocking attachments and message previews, potentially hackable web browsing technologies, and incoming FaceTime calls from unknown numbers. . Apple devices will also not accept accessory connections unless the device is unlocked, and people cannot install new remote management software on the devices while in lock mode. The new feature is now available in the test software developers are using this summer and will be released for free in the fall as part of iOS 16, iPadOS 16 and MacOS Ventura.
“While the vast majority of users will never be the victims of highly targeted cyber attacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, head of engineering and security architecture at Apple. , in a statement. “Lock mode is an innovative capability that reflects our unwavering commitment to protecting users from even the most rare and sophisticated attacks.”
Apple designed the lock mode to be easy to activate using the settings app on your devices.
apple
Along with the new lockout mode, which Apple calls an “extreme” measure, the company announced a $ 10 million grant to the Fund for Dignity and Justice, which was set up by the Ford Foundation, to help support human rights and fight social repression.
The company’s efforts to improve the security of its devices come at a time when the technology industry is increasingly facing cyberattacks directed by oppressive governments around the world. Unlike widespread ransomware or virus campaigns, which are often designed to spread indiscriminately and more rapidly across homes and corporate networks, attacks such as those used by Pegasus are designed for silent intelligence gathering. .
People must restart their devices before the lock mode is activated.
apple
Last September, Apple sent a free software update to Pegasus, and then sued NSO Group in an effort to prevent the company from developing or selling more piracy tools. He also began sending “Threat Notifications” to potential victims of these hacking tools, which Apple calls “mercenary spyware.” The company said that while the number of people targeted by these campaigns is very small, since November it has been notified to people in about 150 countries.
Other technology companies have also expanded their approach to security in recent years. Google has an initiative called Advanced Account Protection, designed for “anyone at high risk of targeted online attacks” by adding additional layers of security to logins and downloads. Microsoft has been working harder and harder to crack passwords.
Apple said it plans to expand the lock mode over time and announced an error reward of up to $ 2 million for people who find security holes in the new feature. At the moment, it is primarily designed to disable computer functions that may be useful but open people to possible attacks. This includes disabling some fonts, link previews, and incoming FaceTime calls from unknown accounts.
Apple representatives said the company sought a balance between usability and extreme protections, adding that the company is publicly committed to strengthening and improving the function. In the latest iteration of lock mode, which is sent to developers in an upcoming test software update, apps that display webpages will follow the same restrictions that Apple apps follow, though people may approve previously some websites to bypass blocking mode if necessary. People in lock mode will also need to unlock their device before connecting with accessories.
Encourage more research
In addition, Apple said it hopes a $ 10 million planned grant to the Dignity and Justice Fund will help encourage more research on these issues and expand training and security audits for people who could be targeted. .
“Every day we see these threats expand and deepen,” said Lori McGlinchey, director of the Ford Foundation’s Technology and Society program, which works with technical advisors, including Apple’s Krstić, to help lead the fund. . “In recent years, state and non-state actors have used spyware to track and intimidate human rights defenders, environmental activists, and political dissidents in virtually every region of the world.”
Ron Deibert, a professor of political science and director of cybersecurity researchers at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy, said he expects Apple’s blocking mode to be a “major blow.” for spyware companies and governments that depend on their products. “
“We’re doing everything we can, along with several investigative journalists working at this pace, but that’s been all, and that’s a big asymmetry,” he said, adding that the $ 10 million grant Apple will help attract more work towards this issue. “You have a huge industry that is very lucrative and almost totally unregulated, that benefits from huge contracts from governments that want to get involved in this kind of espionage.”