Apple has announced a new security feature called Lockdown Mode, to help protect users from targeted spyware attacks.
What does Lockdown Mode do?
In a nutshell, it restricts the functionality of apps which apps can run, what services they can access, in order to prevent users from being tracked by mercenary malware made by companies affiliated to Governments, aka state-sponsored attacks. Apple has, in the past, patched security issues related to such vulnerabilities in its operating systems.
We’re not just talking about ad trackers and the sort, there has been a significant rise of mercenary spyware attacks in the past year or so, that target specific people. Such attacks are often zero-click or zero-touch in nature, ie, it does not require any interaction from the user, it’s not like phishing URLs or a downloaded file. Once the victim receives a malicious message (an attachment or link), their device becomes vulnerable and can be hacked via remote commands. On paper, it appears that Lockdown Mode can restrict such attack vectors, thus minimizing the risk.
Apple’s announcement specifically mentions that it designed Lockdown mode to prevent the digital threats such as those from the NSO Group, ie the people behind the Pegasus malware. If it can protect users from such attacks, this could be a real game changer in cybersecurity.
When Lockdown Mode has been turned on, you will need to restart the device.
When Lockdown mode is active, the device will restrict incoming invitations and service requests from Apple. It will only allow FaceTime calls with contacts whom you have called previously. It sounds like an advanced Do Not Disturb mode that only allows trusted contacts to reach out to you.
(Image courtesy: Apple).
The security protocol will also block wired connections with a computer or accessory, so if you try plugging in your iPhone via a USB cable or a hub, it won’t work, which probably means attackers who have physical access to the device may not be able to sideload some malware or execute commands to gain access to the content stored on the phone.
Lockdown mode will prevent the installation of configuration profiles and mobile device management (MDM). This should prove to be a roadblock for attackers who try to gain access to data tied to the account, or breach the device installing by a malicious certificate.
When will Lockdown Mode be available for users?
Lockdown Mode is currently available in macOS Ventura 13 Beta 3. You can access it from the System Settings > Privacy and Security tab. Apple will include Lockdown Mode in iOS 16, and iPadOS 16 too. The stable version of the operating systems will be released this fall, sometime in September or October.
The Lockdown Mode may not be as useful for average users, but could potentially help, it locates, and whistleblowers stay safer.