Apple Will Block Spyware Attacks

Uploaded on 2022-07-18 in TECHNOLOGY--Developments, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Apple has announced that it will introduce a new security feature to protect high-risk users from spyware attacks. “Apple is previewing a groundbreaking security capability that offers specialised additional protection to users who may be at risk of highly targeted cyber attacks from private companies developing state-sponsored mercenary spyware,” says an Apple news up-date. 

Lockdown Mode will be available in the autumn with the next operating system across all of the company's iPhones, iPads and Macs which will enable users to significantly reduce some features to protect devices from infection.

Apple says the new feature is an “extreme optional protection” for device owners who are more likely to be targeted by nation states using powerful spyware, like journalists, human rights defenders and political activists.
The setting blocks certain functions and prevents unknown users from calling. It comes after Apple devices owned by activists, politicians and journalists were infected with spyware.

Apple is suing NSO Group an Israeli spyware company accusing it of targeting victims in 150 different countries with its powerful Pegasus spyware.

The firm's software could infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras. NSO Group says its tools are made to target terrorists and criminals and insists it only supplies Pegasus to military, law enforcement and intelligence agencies from countries with good human rights records.

When the extent of the alleged surveillance was revealed last July, Apple faced criticism from privacy and security experts for not protecting users. It quickly released an emergency software update to all devices to patch up the vulnerability that Pegasus had secretly been using for years.

Apple is releasing Lockdown Mode as a wider security feature it claims can protect devices from all known spyware currently on the market. Lockdown Mode will include the following protections: 

Messages:  Most message attachment types other than images are blocked. Some features, like link previews, are disabled

Web browsing: Certain complex web technologies, like just-in-time JavaScript compilation, are disabled unless the user excludes a trusted site

Calls: Incoming invitations including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request

Wired connections:  With a computer or accessory are blocked when iPhone is locked

At launch, Lockdown Mode will be available to all users in the device settings, but Apple suggests it should only be activated if someone is a risk of what it calls "mercenary spyware attacks", for example a journalist or opposition leader in a repressive regime. 

Apple announced it will double the bounty threshold it pays out to ethical hackers who discover security flaws in Lockdown Mode to $2m (£1.7m).The US firm will also donate $10m to a fund helping organisations expose the misuse of spyware.

Apple:    Reuters:      Bloomberg:     BBC:     Express & Star:    Washington PostCNet:   Independent:  

You Might Also Read: 

Pegasus Spyware & Not-For-Profit Cyber Security - What Are The Risks?:

 

« Conversational Commerce Is Going To Be Big - But Could Be Risky
Cyber Security In Fintech »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MSAB

MSAB

MSAB is a pioneer in forensic technology for mobile device examination.

Siscon

Siscon

Siscon delivers tailor-made compliance solutions that are based on the customer's specific wishes and reality and then supplement with many years of experience in the field.

EY Advisory

EY Advisory

EY is a multinational professional services firm headquartered in the UK. EY Advisory service areas include Cybersecurity.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Prescient

Prescient

Prescient’s Cyber solutions supplement your firm’s existing data security infrastructure with specialized investigations that identify unconventional cyber risks.

Westminster Insight - Cyber Security Conference

Westminster Insight - Cyber Security Conference

Join colleagues this December for Westminster Insight’s Cyber Security Conference, as you’ll assess how new technologies such as AI can secure your organisation against future threats.

StoneLock

StoneLock

StoneLock is a trusted leader in the design and manufacture of facial recognition software and technology.

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

Falconfeeds

Falconfeeds

Falconfeeds empowers businesses and security professionals with immediate access to the latest and historical threat intelligence data.

Two99

Two99

Two99 provide tailored excellence in the areas of E-Commerce, Marketing, Consulting, and Cyber Security.

ArmorX AI

ArmorX AI

ArmorX AI (formerly Kapalya) operates an encryption management platform designed to encrypt all data in transit and at rest on mobile end-points, corporate servers, and cloud servers.

Canary Technology Solutions (Canary IT)

Canary Technology Solutions (Canary IT)

A Cloud, Cyber Security, Retail Solutions and Managed IT Services provider for over 25 years, we safeguard and revolutionise business through technology and foresight.

Affinity Technology Partners

Affinity Technology Partners

Affinity Technology Partners has been fueling the growth of Nashville, Tennessee businesses and nonprofits with reliable IT services since 2002.

X-PHY

X-PHY

X-PHY is a pioneering cybersecurity company dedicated to hardware-based cybersecurity solutions that protect data at its core.